CVE-2025-55182 React Server Components RCE POC · GitHub
https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) › Searchlight Cyber
https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/
Samsung: QuramDng invalid LossyJpeg component assumption, leading to out-of-bounds write [444346510] - Project Zero
https://project-zero.issues.chromium.org/issues/444346510![Samsung: QuramDng invalid LossyJpeg component assumption, leading to out-of-bounds write [444346510] - Project Zero](/image/screenshot/e703c27b0c2b92e8faf2ff4ffa982e66.webp)
React2Shell (CVE-2025-55182)
https://react2shell.com/
GitHub - ejpir/CVE-2025-55182-poc: CVE-2025-55182 POC
https://github.com/ejpir/CVE-2025-55182-poc
Marquis data breach impacts over 74 US banks, credit unions
https://www.bleepingcomputer.com/news/security/marquis-data-breach-impacts-over-74-us-banks-credit-unions/
Samsung: QuramDng TrimBounds Opcode leads to out-of-bounds reads [443793212] - Project Zero
https://project-zero.issues.chromium.org/issues/443793212![Samsung: QuramDng TrimBounds Opcode leads to out-of-bounds reads [443793212] - Project Zero](/image/screenshot/5a869e994150ada0b8addfcfe3e383d5.webp)
BRICKSTORM Backdoor | CISA
https://www.cisa.gov/news-events/analysis-reports/ar25-338a
Microsoft Silently Mitigated Exploited LNK Vulnerability - SecurityWeek
https://www.securityweek.com/microsoft-silently-mitigated-exploited-lnk-vulnerability/
Lazarus Group’s IT Workers Scheme Hacker Group Caught Live On Camera
https://cybersecuritynews.com/lazarus-groups-it-workers/
UK cracks down on Russian intelligence agency authorised by Putin to target Skripals - GOV.UK
https://www.gov.uk/government/news/uk-cracks-down-on-russian-intelligence-agency-authorised-by-putin-to-target-skripals
CISA Warns of Android 0-Day Vulnerability Exploited in Attacks
https://cybersecuritynews.com/android-0-day-vulnerability-exploited/
Microsoft 365 license check bug blocks desktop app downloads
https://www.bleepingcomputer.com/news/microsoft/microsoft-bug-in-microsoft-365-license-checks-blocks-desktop-app-downloads/
Contractors with hacking records accused of wiping 96 govt databases
https://www.bleepingcomputer.com/news/security/contractors-with-hacking-records-accused-of-wiping-96-govt-databases/
Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China
https://thehackernews.com/2025/12/silver-fox-uses-fake-microsoft-teams.html
Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
https://thehackernews.com/2025/12/record-297-tbps-ddos-attack-linked-to.html