North Korean hackers exploit maximum severity React2Shell flaw

North Korean hackers have begun exploiting a critical vulnerability known as React2Shell in malware attacks. This follows similar actions by Chinese hackers, indicating a growing interest in this security flaw. The issue poses significant risks to affected systems.

The maximum-severity React2Shell vulnerability is being exploited by North Korean hackers, who are using it in malware campaigns. The flaw, rated as critical, allows for severe exploitation that could compromise systems extensively.

According to reports, this development occurs shortly after Chinese actors targeted the same vulnerability, suggesting a pattern of state-sponsored groups capitalizing on high-impact weaknesses. The React2Shell flaw enables attackers to gain unauthorized access, potentially leading to data breaches or further malware deployment.

Security experts emphasize the urgency of patching this vulnerability to mitigate risks from such nation-state threats. No specific details on the scope of attacks or affected targets have been disclosed, but the involvement of North Korean hackers underscores ongoing cybersecurity challenges posed by adversarial nations.

This incident highlights the need for organizations to stay vigilant against evolving tactics from groups linked to North Korea, known for sophisticated cyber operations.

Related news


Researchers discover SSHStalker botnet infecting Linux servers


Flare researchers have identified a new Linux botnet called SSHStalker that has compromised around 7,000 systems using outdated exploits and SSH scanning. The botnet employs IRC for command-and-control while maintaining dormant persistence without immediate malicious activities like DDoS or cryptomining. It targets legacy Linux kernels, highlighting risks in neglected infrastructure.

Ongoing exploitation of the React2Shell vulnerability (CVE-2025-55182)—previously detailed in coverage of China-nexus and cybercriminal campaigns—now includes widespread Linux backdoor installations, arbitrary command execution, and large-scale theft of cloud credentials.


Building on earlier PeerBlight attacks, Google Threat Intelligence reports exploitation of the React2Shell vulnerability (CVE-2025-55182) by China-nexus clusters and financially motivated actors deploying backdoors and cryptocurrency miners on vulnerable React and Next.js systems.

Microsoft has issued an emergency patch for a worrying security flaw in its Office software. The vulnerability could allow hackers to access users' files if not updated promptly. The patch was released to address this critical issue.


Apple has addressed two zero-day vulnerabilities in its WebKit engine that were exploited in sophisticated attacks. The company released patches to fix these bugs, enhancing security for users of its devices.

The Hacker News has released its latest ThreatsDay Bulletin, focusing on various cybersecurity issues. The bulletin covers topics such as Kali Linux combined with Claude, Chrome crash traps, WinRAR flaws, and activities related to LockBit. It also includes over 15 additional stories on emerging threats.


A critical remote code execution vulnerability has been discovered in multiple BeyondTrust products. The flaw, rated 9.9 out of 10 in severity, allows hackers to run code on affected systems without needing to log in. The issue was reported on February 10, 2026.

 

 

 
