Threat Overview On 2025-12-17 AlienVault released a new threat report titled UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager. The report details a Chinese-nexus advanced persistent threat (APT) that has been
Author: Tudorel Iancu
Deep Dive Into BlackForce Phishing Kit
Threat Overview In the latest intelligence released by AlienVault on 12 December 2025, the cybersecurity community is warned about the BlackForce phishing kit. First observed in August 2025, this kit has undergone rapid evolution, with multiple
PeerBlight Linux Backdoor Exploits React2Shell Vulnerability
Threat Overview On 2025-12-10 AlienVault released a detailed threat report titled PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182. The report documents a critical vulnerability in React Server Components (CVE-2025-55182) that has already been actively exploited across multiple
PeerBlight Linux Backdoor Exploits React2Shell Vulnerability
In the latest intelligence gathering, security analysts have identified a sophisticated and highly automated threat actor group that is actively exploiting a critical vulnerability in React Server Components, identified as CVE‑2025‑55182. The group, referred to in
PeerBlight Linux Backdoor Exploits React2Shell Vulnerability
Threat Overview: PeerBlight Linux Backdoor Exploits React2Shell Vulnerability In a recent publication released on December 10, 2025, security researchers from AlienVault have identified a critical vulnerability in React Server Components, designated as CVE‑2025‑55182. The vulnerability is
In Depth Analysis React2Shell CVE-2025-55182 Exploit Mechanics
Introduction In the rapidly evolving landscape of cloud-native development, the React Server Components (RSC) feature has emerged as a powerful tool for building high-performance applications. However, a newly disclosed vulnerability, CVE-2025-55182, commonly referred to as “React2Shell,”
Array AG Gateways Command Injection Exploitation Confirmed
Executive Summary On 2025-12-08, CyberHunter_NL released a threat report titled JPCERT Confirms Active Command Injection Attacks on Array AG Gateways. The alert, issued by JPCERT/CC, confirms that a previously unassigned command‑injection vulnerability in Array Networks’ AG
Zero Day Exploits Continue Prolific
On December 4, 2025, AlienVault released a new threat report titled Prolific Zero-Day Exploits Continue. The report details the ongoing activities of the cyber‑espionage group Intellexa, which has continued to develop, sell and deploy zero‑day vulnerabilities
Malicious VSCode Extension Triggers Multi Stage Attack Using Anivia Loader and OctoRAT
Threat Overview In late December 2025, security researchers uncovered a sophisticated supply‑chain attack that leveraged the Visual Studio Code ecosystem to deliver a multi‑stage malware payload. The attack was initiated through a seemingly innocuous extension named
DNS Reveals SSO Attack Infrastructure
In a recent intelligence briefing released on December 3, 2025, the security community was alerted to a sophisticated campaign that leverages the open‑source Evilginx 3.0 framework to compromise single sign‑on (SSO) services across higher‑education institutions in