InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...
FinanceFeeds

Fintechs Brace for Bot Attacks as Fraud Attempts Surge

Bot attacks are soaring as part of an overall increase in fraud attempts. With fintechs among attackers’ favorite targets, ...
Tax Guru

Technical & Operational Impediments in Implementation of Section 139(8A)

Explore the legal and technical hurdles in filing Updated Returns under Section 139(8A), including Excel utility dependencies and procedural ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
Security Boulevard

Top CVEs of December 2025

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...
Security Boulevard

Web Browsing’s Dark Side: Understanding Ransomware over Modern Web Browsers

Introduction As the world is more and more switched to the availability of the internet, web browsers act as portals to numerous services and data. However, such conveniences mean the existence of ...