3 matches found
Internet-Scale Measurement of React2Shell Exploitation Using an Active Network Telescope
The increasing adoption of server-side component-based web frameworks has introduced new application-layer attack surfaces that remain insufficiently understood at Internet scale. On 3 December 2025, a critical remote code execution vulnerability CVE-2025-55182 in React Server Components, referre...
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
Threat actors predominately exploited public-facing applications for the second quarter in a row, with this tactic appearing in nearly 40 percent of Cisco Talos Incident Response Talos IR engagements -- a notable decrease from over 60 percent last quarter, when engagements involving ToolShell...
CVE-2026-0625
Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DN...