Topic: cybersecurity reports
-
RondoDox Botnet Breaches Next.js Servers via React2Shell Flaw
The RondoDox botnet is actively exploiting the critical React2Shell vulnerability (CVE-2025-55182) to compromise Next.js servers, deploying malware and cryptocurrency miners. This campaign is part of the botnet's evolving, aggressive strategy, which also includes large-scale exploitation of vulne...
Read More » -
Patched FortiGate Firewalls Still Vulnerable to Hacks
A critical Fortinet firewall vulnerability (CVE-2025-59718) persists despite patches, allowing unauthorized admin access via the FortiCloud SSO feature even on the latest software versions. Fortinet is preparing new updates, but the immediate recommendation is to disable the "Allow administrative...
Read More » -
APT36 Hackers Use Linux .desktop Files to Deploy Malware in Latest Campaign
A cyber espionage campaign by Pakistani-linked group APT36 is targeting Indian government and defense sectors using malicious Linux .desktop files disguised as PDFs in phishing emails. The attack involves weaponized .desktop files that execute hidden commands to download and run a Go-based malwar...
Read More »