Dark Reading

Attackers Use New Tool to Scan for React2Shell Exposure

Researchers say threat actors used the sophisticated — and unfortunately named — toolkit to target high-value networks for ...
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
The Hacker News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.
Computer Weekly

PromptSpy Android malware may exploit Gemini AI

A newly-uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence.