The Hacker News

⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More

This week’s recap unpacks how evolving exploits, malware frameworks, and cloud missteps are reshaping modern cyber defense ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...
Krebs on Security

The Kimwolf Botnet is Stalking Your Local Network

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers. The targeted security defect, tracked as CVE-2025-55182, impacts systems relying on ...
bitnewsbot

RondoDox Botnet Exploits React2Shell to Widen IoT Infections

Cybersecurity teams disclosed a nine-month campaign that recruited Internet of Things devices and web applications into the RondoDox botnet through late 2025. The activity used the critical ...
Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
Network World

Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower

Microsoft says the attack, sourced from more than 500,000 compromised IPs, exposes deep weaknesses in home IoT and raises questions about enterprise DDoS readiness. Azure has blocked its largest DDoS ...
Krebs on Security

Aisuru Botnet Shifts from DDoS to Residential Proxies

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable ...
InfoWorld

The best new features and fixes in Python 3.14

Official support for free-threaded Python, and free-threaded improvements Python’s free-threaded build promises true parallelism for threads in Python programs by removing the Global Interpreter Lock ...
SiliconANGLE

Darktrace reveals ShadowV2 botnet exploiting Docker misconfigurations in AWS

A new report out today from Darktrace Ltd. reveals a sophisticated cybercrime campaign that blends traditional malware with cloud-native design principles, exposing how threat actors are evolving ...
TheServerSide

Free GitHub Copilot Practice Exams (GH-300)

Community driven content discussing all aspects of software development from DevOps to design patterns. To do that, you need practice, and that’s what this collection of GH-300 GitHub Copilot practice ...