InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...

Solving The Clarity Problem For Vulnerability Management

As disclosure-to-exploitation timelines compress, organizations are rethinking how they validate exploitability and ...
CSO Online

WatchGuard fixes ‘critical’ zero-day allowing firewall takeover

Because it was under attack before a patch was made available by WatchGuard on December 18, this makes CVE-2025-14733 a bona ...

CISA flags ASUS Live Update CVE, but the attack is years old

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

WatchGuard Firebox OS forced to patch worrying security flaw, so update now

WatchGuard patches critical RCE flaw (CVE‑2025‑14733) in Firebox firewalls, being actively exploited in the wildCISA added it ...