The Hacker News

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
InfoWorld

Back to the future: The most popular JavaScript stories and themes of 2025

The key themes that defined the year behind us will also shape the one ahead. The most-read articles of 2025 tracked a return ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
SecurityWeek

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist

Shai-Hulud 2.0 infected over 12,000 systems and exposed Trust Wallet keys that were used to steal $8.5 million from 2,520 ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications.