Technology ❯ Cybersecurity ❯ Vulnerabilities

Exploitation

CVE-2025-55182 Windows Server Update Services CVE-2024-50623 Zero-Day Exploits Palo Alto Networks Forensic Exploits Citrix Systems Malicious Code CVE-2025-10035 CitrixBleed 2 Microsoft SharePoint CVE-2025-54236 Threat Intelligence Remote Access CVE-2025-59489 React2Shell CVE-2025-61882 Critical Vulnerabilities React Vulnerability WinRAR ToolShell Spyware User Risks CVE-2025-12480 Incidents Vendor Responsibility Zero-Days

React2Shell Exploited in the Wild as China-Linked Groups Target Unpatched React Server Components

Urgent patching remains the primary defense for internet-facing apps built on React Server Components.

React2Shell Exploited at Scale as CISA Sets Dec. 26 Patch Deadline and Breaches Mount

Amazon Reveals Pre‑Disclosure Exploits of Citrix NetScaler and Cisco ISE to Plant Stealth Backdoor

Mandiant Says Hackers Exploit Triofox Flaw to Create Admin Accounts and Execute Code

CISA Sets Nov. 14 Deadline After Active Attacks on Critical WSUS Flaw

Active Attacks Target Adobe Commerce With 'SessionReaper' Exploit

China-Linked Actor Turns Velociraptor Into Ransomware Beachhead, Cisco Talos Warns

Steam Blocks Risky Launches as Microsoft Urges Uninstalls After Unity Patches High-Severity Engine Flaw

Researchers Say GoAnywhere CVSS 10 Flaw Was Exploited as Zero-Day Before Disclosure

Microsoft’s September Patch Tuesday Fixes 80–86 Flaws, Two Disclosed Zero-Days, No Active Exploits

Dutch National Cyber Security Centre Confirms NetScaler Zero-Day Breaches

CISA Confirms Active CitrixBleed 2 Exploitation and Mandates One-Day Patch