Security Boulevard

Top CVEs of December 2025

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...
Cybernews

Wavlink routers and other IoT devices hit by React2Shell attacks

RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Security Boulevard

When One Vulnerability Breaks the Internet and Millions of Devices Join In

The final weeks of 2025 did not arrive quietly. A single software flaw rippled across the internet, healthcare providers disclosed deeply personal data exposures, and millions of everyday devices ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
Analytics Insight

Best Web Development Frameworks to Use in 2026

Overview:  Web development frameworks focusing on performance, scalability, and long-term maintainability will be preferred by developers in 2026.React wit ...
The Register on MSN

React2Shell exploitation spreads as Microsoft counts hundreds of hacked machines

Security boffins warn flaw is now being used for ransomware attacks against live networks Microsoft says attackers have already compromised "several hundred machines across a diverse set of ...
Search Engine Land

Google explains JavaScript execution on non-200 HTTP status codes

Google made another change to the JavaScript SEO documentation help document to explain and clarify JavaScript execution on non-200 HTTP status codes. The change. Google wrote, “All pages with a 200 ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
Gizmodo

OpenAI’s ‘Code Red’ Crisis Memo Teases New Model and Ads in ChatGPT

OpenAI CEO Sam Altman has declared “code red” at the company, refocusing all resources into improving the quality of its flagship product ChatGPT and delaying other initiatives, some of which are yet ...
PC Magazine

Code Red at OpenAI: Employees Ordered to Focus on ChatGPT Improvements

Code Red at OpenAI: Employees Ordered to Focus on ChatGPT Improvements CEO Sam Altman reportedly told staff on Monday that the company needs to concentrate on its chatbot to ensure it doesn’t fall ...