North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...
The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
SecurityWeek

React2Shell Attacks Linked to North Korean Hackers

Attacks exploiting the recently emerged React vulnerability dubbed React2Shell appear to have been conducted by North Korean ...

In 1995, a Netscape employee wrote a hack in 10 days that now runs the Internet

“Bill Gates was bitching about us changing JS all the time,” Eich later recalled of the fall of 1996. Microsoft created its ...
Windows Latest

Discord admits its Windows 11 app is a resource hog, tests auto-restart when RAM usage exceeds 4GB

Discord's experiment that automatically restarts the desktop client when memory usage is high on Windows 11. Up to 4GB.
Infosecurity Magazine

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...
Analytics India Magazine

AWS Launches AI Agent to Automate Large-Scale Code Modernisation & Reduce Technical Debt

Early customers have reported up to 80% reduction in execution time, allowing teams to redeploy developer hours toward ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...

Popular JavaScript library can be hacked to allow attackers into user accounts

A popular JavaScript cryptography library is vulnerable in a way which could allow threat actors to break into user accounts.
The Hacker News

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake ...
InfoWorld

Contagious Interview attackers go ‘full stack’ to fool you

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a ...