CoinTelegraph

SwapNet exploit drains up to $13.3M from Matcha Meta users

Matcha Meta urged users to revoke one-time approvals for SwapNet’s router contract after a smart-contract vulnerability saw around $13.3 million stolen on the Base blockchain. Update, Jan. 27, 9:15 am ...
Ars Technica

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...
Bleeping Computer

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a ...
Source New Mexico

New Mexico v. Meta civil trial over child exploitation slated for Feb. 2 start

A New Mexico district judge this week denied requests by social media giant Meta to dismiss a New Mexico Department of Justice lawsuit alleging the company allowed child exploitation on its sites, ...
Wired

OpenAI’s Child Exploitation Reports Increased Sharply This Year

OpenAI sent 80 times as many child exploitation incident reports to the National Center for Missing & Exploited Children during the first half of 2025 as it did during a similar time period in 2024, ...
World Socialist Web Site

Abuse and exploitation endemic in Australia’s Pacific “guest worker” scheme

According to a report by the Australian Broadcasting Corporation (ABC) on December 5, an estimated 7,200 Pacific Islanders involved in Australia’s “guest worker” scheme have quit their employment over ...
Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
Fox News

FBI investigating more than 350 subjects tied to violent online '764' network

The FBI has launched a probe into the violent online network known as "764," with the bureau investigating more than 350 subjects, Fox News has learned. The FBI described 764 in a statement as being a ...
The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation.
The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of ...
Bleeping Computer

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...
Infosecurity-magazine.com

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...