React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable/

Using ClickHouse for Real-Time L7 DDoS & Bot Traffic Analytics with Tempesta FW https://www.reddit.com/r/netsec/comments/1pdd7gt/using_clickhouse_for_realtime_l7_ddos_bot_traffic/

Hackers are exploiting ArrayOS AG VPN flaw to plant webshells https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/

New wave of VPN login attempts targets Palo Alto GlobalProtect portals https://www.bleepingcomputer.com/news/security/new-wave-of-vpn-login-attempts-targets-palo-alto-globalprotect-portals/

Attackers have a new way to slip past MFA in educational orgs https://www.malwarebytes.com/blog/news/2025/12/attackers-have-a-new-way-to-slip-past-your-mfa

China APT UNC5174 Hijacks Discord API as Covert C2 Channel to Evade Detection and Conduct Espionage https://securityonline.info/china-apt-unc5174-hijacks-discord-api-as-covert-c2-channel-to-evade-detection-and-conduct-espionage/

React2Shell Vulnerability Under Attack From China-Nexus Groups https://www.darkreading.com/vulnerabilities-threats/react2shell-under-attack-china-nexus-groups

Leaks show Intellexa burning zero-days to keep Predator spyware running https://www.malwarebytes.com/blog/news/2025/12/leaks-show-intellexa-burning-zero-days-to-keep-predator-spyware-running

IACR Nullifies Election Because of Lost Decryption Key https://www.schneier.com/blog/archives/2025/11/iacr-nullifies-election-because-of-lost-decryption-key.html

Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass https://securityonline.info/apache-http-server-2-4-66-fixes-ssrf-flaw-cve-2025-59775-exposing-ntlm-hashes-on-windows-and-suexec-bypass/

Researchers Use Poetry to Jailbreak AI Models https://www.darkreading.com/threat-intelligence/researchers-use-poetry-to-jailbreak-ai-models