RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
InfoWorld

Intro to Hotwire: HTML over the wire

This concept isn’t new—in fact, it is the essence of representational state transfer (REST). Instead of converting to a ...
The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
CoinDesk

Unleash Protocol hit by $3.9 million exploit with funds routed through Tornado Cash

An attacker seized control of Unleash Protocol’s multisig governance to upgrade contracts and siphon funds, which were later ...