Cyber Security News

React2Shell Creates A Crisis In Modern Web Security

In early December 2025, the cybersecurity community was rocked by the public disclosure of a critical, easily exploitable vulnerability in React Server Components (RSC). RSC is the backbone of many modern web applications. Assigned CVE-2025-55182, and quickly nicknamed React2Shell, this vulnerabilit

Glassworm's Resurfaced In A Third Wave

Glassworm has reappeared in a third wave. Researchers have spotted dozens of newly published Visual Studio Code–compatible extensions. These extensions again carry a suite of clandestine, developer-focused malware behaviors. The most recent activity was discovered in late November and reported on De

INC Ransomware Claims Responsibility For CodeRED Attack

The recent cyberattack on the OnSolve CodeRED system has shocked public safety agencies across the United States, revealing the deep vulnerability of critical emergency-alert infrastructure. The incident was claimed by the INC Ransomware gang, a relatively new, but increasingly active, ransomware-as

The Evolution Of Sneaky2FA As A Commercial PhaaS Kit

The phishing threat landscape continues to evolve rapidly, and recent developments highlight how attackers are combining professional cybercrime platforms with realistic visual deception techniques to bypass user confidence and technical controls. A notable example is the recent evolution of the Sne

Kraken Ransomware Now Benchmarking Victims

In the rapidly evolving world of cybercrime, the Kraken ransomware group stands out for its sophisticated tactics. It benchmarks victim systems before encrypting data. This rare approach allows Kraken to adapt encryption dynamically, maximizing damage while lowering detection risk. Emerging in 2025,

DanaBot Returns To Reclaim Title Of Cybercrime Juggernaut

After a six-month hiatus, DanaBot malware has reemerged, signaling the return of one of cybercrime's most adaptive threats. Once a banking trojan, DanaBot has evolved into a modular, multipurpose framework supporting espionage, data theft, and ransomware delivery. Moreover, its return also follows

Landfall - A New Commercial Grade Spyware

In November 2025, researchers publicly disclosed a previously unknown Android spyware family, now called Landfall. The security team at Unit 42 (part of Palo Alto Networks) described it in a blog post as "new commercial-grade Android spyware in an exploit chain targeting Samsung devices." The

SesameOp Backdoor Abuses OpenAI API

In a striking demonstration of how cyber-threats adapt to emerging technologies, Microsoft's Incident Response team has uncovered a sophisticated new malware known as SesameOp, which uniquely exploits the OpenAI Assistants API for command-and-control (C2) operations. This discovery marks one of the