All developers using React Server Components are urged to upgrade immediately, and some apps that don’t include React Server Function endpoints could be vulnerable, as well.
The victims in Israel span multiple industries, including technology, engineering, manufacturing, local government, and education.
Researchers from Wiz are currently tracking more than 25,000 affected repositories across approximately 350 unique users.
The provider, Media Land LLC, has been used by ransomware actors like Lockbit, BlackSuit, and Play, and its infrastructure has been leveraged across several distributed denial-of-service (DDoS) attacks against US companies and critical infrastructure.
Read More DoJ Sanctions Bulletproof Hosting Provider Used By Ransomware Groups
That vulnerability (CVE-2025-64446) affects several versions of FortiWeb and CISA has added it to its Known Exploited Vulnerabilities catalog.
The financial impacts of cyberattacks are hard to measure – but they lend critical context to conversations around security risk at the boardroom level.
Read More Marks and Spencer’s Profit Drop: The Financial Toll of Cyberattacks
Google is taking legal action “designed to dismantle the core infrastructure” of the Lighthouse phishing-as-a-service operation.
Read More Google Wants to Snuff Out ‘Lighthouse’ Phishing Kit
