All topics

Articles

96 Posts

React2Shell Attacks Continue to Build

After a peak of more than 430,000 attack sessions in late December, daily volumes targeting React2Shell have stabilized in the 300,000 to 400,000 range.

By Dennis Fisher

January 7, 2026 | 2 min read

React2Shell Vulnerability

IBM Warns of Critical Auth Bypass Bug in API Connect

IBM published updates for the affected versions of API Connect on Jan. 2., and urged organizations to update affected versions as soon as possible.

By Dennis Fisher

January 6, 2026 | 1 min read

IBM

Serious MongoDB Flaw CVE-2025-14847 Under Exploitation

MongoDB disclosed the vulnerability (CVE-2025-14847) on Dec. 19 and a few days later, a public exploit for it appeared online.

By Dennis Fisher

December 29, 2025 | 1 min read

MongoDB Vulnerability

Is Kevin McCallister the Greatest Hacker in Movie History?

There may not be any computers in Home Alone, but few movie characters embody the old-school hacker ethos like Kevin McCallister does.

By Dennis Fisher

December 22, 2025 | 1 min read

Podcast Video

Threat Actors Target Unpatched Cisco AsyncOS Zero-Day

Threat actors are exploiting an unpatched zero-day vulnerability in Cisco AsyncOS software.

By Lindsey O'Donnell-Welch

December 17, 2025 | 2 min read

Russian Hackers Target Misconfigured Edge Devices in ‘Concerning Evolution’ For Critical Infrastructure Attacks

Amazon researchers highlighted a "tactical pivot" by Russian GRU hackers who have been moving away from zero-day and N-day exploitation.

By Lindsey O'Donnell-Welch

December 16, 2025 | 2 min read

Edge Devices Russia Sandworm