Latest Cybersecurity News and Articles
05 December 2025
Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge.
The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remote code execution. It has been addressed in React versions 19.0.1, 19.1.2, and 19.2.1.
According
05 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 5, 2025 – Read the full story in Bolde High school students and parents, listen up! Some fields are skyrocketing in demand, offering promising career prospects and competitive salaries. However, gaining
The post Here’s What GPA You Need To Study In The Cybersecurity Field appeared first on Cybercrime Magazine.
05 December 2025
A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware, Amnesty International said in a report.
The link, the non-profit organization said, is a "Predator attack attempt based on the technical behaviour of the infection
05 December 2025
Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging.
That’s why we created ”Getting to Yes”: An Anti-Sales Guide for MSPs. This guide helps service providers transform resistance into trust and
05 December 2025
The startup will invest in expanding its engineering and research teams, deepening product integrations, and scaling go-to-market efforts.
The post Lumia Security Raises $18 Million for AI Security and Governance appeared first on SecurityWeek.
05 December 2025
Cloudflare recently mitigated a new record-breaking Aisuru attack that peaked at 14.1 Bpps.
The post Aisuru Botnet Powers Record DDoS Attack Peaking at 29 Tbps appeared first on SecurityWeek.
05 December 2025
Helmet Security has built an end-to-end platform that secures the infrastructure for agentic AI communication.
The post Helmet Security Emerges From Stealth Mode With $9 Million in Funding appeared first on SecurityWeek.
05 December 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China (PRC) to maintain long-term persistence on compromised systems.
"BRICKSTORM is a sophisticated backdoor for VMware vSphere and Windows environments," the agency said. "
05 December 2025
AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.
The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
05 December 2025
Quantum computing, biometrics and more — these are five predictions for the cybersecurity landscape in 2026.
05 December 2025
A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week.
The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It's rooted in Array's DesktopDirect, a remote desktop access solution that allows users to securely access
04 December 2025
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites that convert customer payment card data into mobile wallets from Apple and Google. Experts say these same phishing groups also are now using SMS lures that promise unclaimed tax refunds and mobile rewards points.
04 December 2025
The Ministry of Communications on had asked smartphone makers to install the government’s “Sanchar Saathi” app within 90 days and to prevent users from disabling it.
The post India Rolls Back Order to Preinstall Cybersecurity App on Smartphones appeared first on SecurityWeek.
04 December 2025
Significant cybersecurity M&A deals announced by Arctic Wolf, Bugcrowd, Huntress, Palo Alto Networks, and Zscaler.
The post Cybersecurity M&A Roundup: 30 Deals Announced in November 2025 appeared first on SecurityWeek.
04 December 2025
The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat group in attacks targeting organizations in China.
The search engine optimization (SEO) poisoning campaign leverages Microsoft Teams lures to trick unsuspecting users into downloading a malicious setup file that leads to the deployment of ValleyRAT (Winos 4.0), a known malware
04 December 2025
Established in 2024 by Cybereason co-founders Lior Div and Yonatan Striem-Amit, the company has raised a total of $166 million in funding.
The post Agentic Security Firm 7AI Raises $130 Million appeared first on SecurityWeek.
04 December 2025
Hackers stole the names, addresses, Social Security numbers, and financial and medical information of 9,542 people.
The post Inotiv Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
04 December 2025
Building a Secure Foundation for the Future of Autonomous Transactions –Dr. Alissa Abdullah, Deputy Chief Security Officer, Mastercard San Jose, Calif. – Dec. 4, 2025 Agentic commerce is changing the way we shop and interact online. Imagine telling your digital assistant to find the best
The post Cybersecurity in Agentic Commerce: Safeguarding the Autonomous Future appeared first on Cybercrime Magazine.
04 December 2025
The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF).
The post Reporters Without Borders Targeted by Russian Hackers appeared first on SecurityWeek.
04 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 4, 2025 – Read the full story from BreachLock Cybersecurity is no longer considered a “technical issue managed by IT departments, according to IBM. Rather, it “dominates concerns among the C-suite.”
The post How To Reframe Cybersecurity Budget Requests And Get Them Approved appeared first on Cybercrime Magazine.