Active since at least 2022, UAT-7290 demonstrates a significant capacity for conducting deep-seated espionage while simultaneously functioning as an initial access group.
After a peak of more than 430,000 attack sessions in late December, daily volumes targeting React2Shell have stabilized in the 300,000 to 400,000 range.
IBM published updates for the affected versions of API Connect on Jan. 2., and urged organizations to update affected versions as soon as possible.
Read More IBM Warns of Critical Auth Bypass Bug in API Connect
MongoDB disclosed the vulnerability (CVE-2025-14847) on Dec. 19 and a few days later, a public exploit for it appeared online.
Read More Serious MongoDB Flaw CVE-2025-14847 Under Exploitation
There may not be any computers in Home Alone, but few movie characters embody the old-school hacker ethos like Kevin McCallister does.
Read More Is Kevin McCallister the Greatest Hacker in Movie History?
Threat actors are exploiting an unpatched zero-day vulnerability in Cisco AsyncOS software.
Read More Threat Actors Target Unpatched Cisco AsyncOS Zero-Day
Amazon researchers highlighted a “tactical pivot” by Russian GRU hackers who have been moving away from zero-day and N-day exploitation.
