InfoWorld

10 MCP servers for devops

Tap these Model Context Protocol servers to supercharge your AI-assisted coding tools with powerful devops automation ...
The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

Critical React Server Components flaw (CVE-2025-55182) fuels automated attacks dropping miners and multiple new Linux malware ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
The Hacker News

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

WIRTE expands AshTag espionage operations, using phishing & DLL sideloading to target Middle East govts with persistent ...
SecurityWeek

Wide Range of Malware Delivered in React2Shell Attacks

Security firms have seen cryptocurrency miners, Linux backdoors, botnet malware, and post-exploitation implants in ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked ...
Infosecurity Magazine

React2Shell Under Active Exploitation by China-Nexus Hackers

React2Shell (CVE-2025-55182) is under active exploitation by Earth Lamia and Jackpot Panda, risking over two million ...
Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

As exploitation activity against CVE-2025-55182, researchers are finding some exploits contain bypasses for Web application firewall (WAF) rules.