FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads
A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers from Intel 471 first identified…
Latest Cybersecurity News — Page 828
View all →
2.15M Next.js Web Services Exposed Online, Active Attacks Reported
Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React…
2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now
A critical unauthenticated remote code execution vulnerability dubbed “React2Shell” is actively being exploited in the wild, putting millions of web services at risk. On December…
Sprocket Security Earns Repeat Recognition in G2’s Winter 2025 Penetration Testing Index
Madison, United States, December 5th, 2025, CyberNewsWire Sprocket Security is proud to announce that it has once again been recognized by G2 for “High Performer,”…
Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges
Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the aswSnx kernel driver. The flaws,…
Maximum-severity XXE vulnerability discovered in Apache Tika
Maximum-severity XXE vulnerability discovered in Apache Tika Pierluigi Paganini December 06, 2025 A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of…
State-linked groups target critical vulnerability in React Server Components
Researchers warn that critical vulnerabilities in Meta’s React Server Components and Next.js are under threat from botnets and state-linked adversaries. China-nexus threat groups, tracked as…
Attackers hit React defect as researchers quibble over proof
Attackers of different origins and motivations swiftly exploited a critical vulnerability dubbed React2Shell, affecting React Server Components shortly after Meta and the React team publicly…
More evidence your AI agents can be turned against you
Agentic AI tools are being pushed into software development pipelines, IT networks and other business workflows. But using these tools can quickly turn into a…
Russian Hackers Spoof European Events in Targeted Phishing Attacks
Russian threat actors are running a new wave of phishing campaigns that spoof major European security events to quietly steal cloud credentials. Invitations that look…
AWS Execution Roles Enable Subtle Privilege Escalation in SageMaker and EC2
A persistent privilege escalation technique in AWS that allows attackers with limited permissions to execute code under higher-privileged execution roles on EC2 instances and SageMaker…
Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues
A bipartisan group of senators are looking to tackle health care cybersecurity by reviving legislation that would update regulations and guidelines, authorize grants, offer training…