Google Finds China and Iran Actors Exploiting React2Shell Flaws
December 16, 2025
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver
Application Security
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver malware. This vulnerability, is becoming ...
Google Chrome Extension With Millions of Users May Be Compromising Privacy
The Urban VPN Proxy, trusted by over 6 million users on Google Chrome, is suspected of covertly harvesting data entered into AI chatbots. The extension ...
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
A vulnerability in Notepad++ could have let attackers hijack update traffic. This flaw stemmed from weak file authentication during updates. A report by security researcher ...
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
A stealth campaign has targeted developers using VSCode with 19 malware-infested extensions since February. Threat actors exploit the flexibility of VSCode extensions to distribute malicious ...
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Google has implemented security measures to patch the GeminiJack vulnerability, a zero-click exploit that exposed enterprise data to potential threats through emails and calendar invites. ...
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft is set to bolster Teams with a new security feature that examines suspicious traffic involving external domains. This strategic enhancement is poised to assist ...
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Researchers identified a .NET security flaw impacting enterprise-grade solutions, urging a fix. Despite discovering the vulnerability, Microsoft has chosen not to address the issue, leading ...
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
A new vulnerability dubbed SOAPwn has been discovered within the .NET Framework, posing significant risks to enterprise applications by potentially enabling remote code execution. Several ...
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
Fortinet addresses critical vulnerabilities in FortiOS and associated products with new security updates. These weaknesses could allow attackers to bypass the FortiCloud Single Sign-On (SSO) ...
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
Adobe released a security update fixing nearly 140 vulnerabilities, prominently targeting cross-site scripting (XSS) vulnerabilities in its Experience Manager. This extensive fix demonstrates the company’s ...
Google Chrome Extension With Millions of Users May Be Compromising Privacy
December 16, 2025
The Urban VPN Proxy, trusted by over 6 million users on Google Chrome, is suspected of covertly harvesting data entered
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
December 15, 2025
A vulnerability in Notepad++ could have let attackers hijack update traffic. This flaw stemmed from weak file authentication during updates.
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
December 15, 2025
A stealth campaign has targeted developers using VSCode with 19 malware-infested extensions since February. Threat actors exploit the flexibility of
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
December 11, 2025
Google has implemented security measures to patch the GeminiJack vulnerability, a zero-click exploit that exposed enterprise data to potential threats
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
December 11, 2025
Microsoft is set to bolster Teams with a new security feature that examines suspicious traffic involving external domains. This strategic
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
December 11, 2025
Researchers identified a .NET security flaw impacting enterprise-grade solutions, urging a fix. Despite discovering the vulnerability, Microsoft has chosen not
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
December 11, 2025
A new vulnerability dubbed SOAPwn has been discovered within the .NET Framework, posing significant risks to enterprise applications by potentially
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
December 11, 2025
Fortinet addresses critical vulnerabilities in FortiOS and associated products with new security updates. These weaknesses could allow attackers to bypass
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
December 11, 2025
Adobe released a security update fixing nearly 140 vulnerabilities, prominently targeting cross-site scripting (XSS) vulnerabilities in its Experience Manager. This
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.