Researchers Hack Google’s Gemini CLI Through Prompt Injections in GitHub Actions
https://cybersecuritynews.com/gemini-cli-prompt-injections-github/
New wave of VPN login attempts targets Palo Alto GlobalProtect portals
https://www.bleepingcomputer.com/news/security/new-wave-of-vpn-login-attempts-targets-palo-alto-globalprotect-portals/
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html
GitHub - Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478: A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.
https://github.com/Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478?tab=readme-ov-file#-runtime-memory-shell-
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
https://thehackernews.com/2025/12/critical-react2shell-flaw-added-to-cisa.html
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable/