The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...

Kali Linux 2025.4 released with 3 new tools, desktop updates

Kali Linux has released version 2025.4, its final update of the year, introducing three new tools, desktop environment improvements, and enhanced Wayland support.

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...
PC World

Can’t update Windows 10? Here’s how to get extended support working again

Home users who sign in to Windows 10 with a Microsoft account can register for Extended Security Updates (ESU) at no cost and continue receiving free updates until October 14th, 2026. The first ...
InfoWorld

Contagious Interview attackers go ‘full stack’ to fool you

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a ...
InfoWorld

The first building blocks of an agentic Windows OS

Microsoft rolls out Model Context Protocol support in Windows ML, providing tools to build agentic Windows applications that ...
Infosecurity Magazine

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...
Visual Studio Magazine

VS Code 1.107 (November 2025 Update) Expands Multi-Agent Orchestration, Model Management

Microsoft's November 2025 Visual Studio Code update (version 1.107) advances multi-agent orchestration for GitHub Copilot and ...
CSOonline

New ClickFix attacks use fake Windows Update screens to fool employees

CSOs and Windows admins should disable the ability of personal computers to automatically run commands to block the latest version of the ClickFix social engineering attacks. This advice comes from ...