Maximum-severity XXE vulnerability discovered in Apache Tika
Maximum-severity XXE vulnerability discovered in Apache Tika Pierluigi Paganini December 06, 2025 A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of…
Author: Cybernoz
State-linked groups target critical vulnerability in React Server Components
Researchers warn that critical vulnerabilities in Meta’s React Server Components and Next.js are under threat from botnets and state-linked adversaries. China-nexus threat groups, tracked as…
Attackers hit React defect as researchers quibble over proof
Attackers of different origins and motivations swiftly exploited a critical vulnerability dubbed React2Shell, affecting React Server Components shortly after Meta and the React team publicly…
More evidence your AI agents can be turned against you
Agentic AI tools are being pushed into software development pipelines, IT networks and other business workflows. But using these tools can quickly turn into a…
Russian Hackers Spoof European Events in Targeted Phishing Attacks
Russian threat actors are running a new wave of phishing campaigns that spoof major European security events to quietly steal cloud credentials. Invitations that look…
AWS Execution Roles Enable Subtle Privilege Escalation in SageMaker and EC2
A persistent privilege escalation technique in AWS that allows attackers with limited permissions to execute code under higher-privileged execution roles on EC2 instances and SageMaker…
Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues
A bipartisan group of senators are looking to tackle health care cybersecurity by reviving legislation that would update regulations and guidelines, authorize grants, offer training…
Barts Health NHS discloses data breach after Oracle zero-day hack
Barts Health NHS Trust, a major healthcare provider in England, announced that Clop ransomware actors have stolen files from one of its databases after exploiting a vulnerability…
Cloudflare Outage Traced to Emergency React2Shell Patch Deployment
Cloudflare’s global network suffered a brief but widespread disruption this morning, lasting approximately 25 minutes, due to an internal change in its Web Application Firewall…
Cloudflare Outage Triggers Widespread 500 Internal Server Errors
Cloudflare has announced that it is currently experiencing a significant outage impacting its Dashboard and Cloudflare API services. Many users around the world are reporting…
LockBit Returns With New Data Leak Site, 7 Victims
The LockBit ransomware group is making a comeback, with a new data leak site and seven new victims. LockBit was once the most feared ransomware…
Netflix Acquires Warner Bros. Studios and HBO in Landmark $82.7 Billion Megadeal
Netflix has struck a transformative deal to acquire Warner Bros. studios, HBO, and HBO Max from Warner Bros. Discovery (WBD) in a cash-and-stock transaction valued…