Cybersecurity News Bytes

ShadyPanda Browser Extension Espionage Campaign Exposes 4.3 Million Users A long‑running espionage and fraud operation dubbed ShadyPanda has abused trusted Chrome and Edge browser extensions to spy on approximately 4.3…

ShadyPanda Browser-Extension Espionage Campaign Exposes 4.3 Million Users A long-running espionage and fraud operation dubbed ShadyPanda has abused seemingly legitimate browser extensions for Google Chrome and Microsoft Edge to surveil…

Critical RSC Bugs Discovered in React and Next.js Frameworks Critical vulnerabilities in React Server Components (RSC) have been identified in both React and Next.js frameworks, posing significant risks to applications…

Android December 2025 Security Bulletin Patches Two In-The-Wild Zero‑Day Exploits Google’s December 2025 Android security update patches more than one hundred vulnerabilities, including two actively exploited zero‑day flaws that enable…

Massive 29.7 Tbps DDoS Attack Mitigated by Cloudflare Summary: A record-breaking distributed denial-of-service (DDoS) attack, peaking at 29.7 terabits per second, was successfully detected and mitigated by a major cloud…

Cloudflare Mitigates Record-Breaking 14.1 Bpps Aisuru DDoS Attack A new Aisuru-powered distributed denial-of-service (DDoS) attack peaking at 14.1 billion packets per second has set a fresh record for volumetric assaults,…

Active Exploitation of React2Shell Vulnerability Triggers Emergency Patching Across React and Next.js Ecosystems A critical remote code execution flaw in React Server Components, widely referred to as React2Shell, has moved…

Chinese Threat Actors Exploiting React2Shell Vulnerability in React and Next.js A newly disclosed critical vulnerability known as React2Shell is now under active exploitation by Chinese-linked threat actors, targeting modern web…

State-Linked Threat Actors Exploit Critical React Server Components Vulnerability (CVE-2025-55182) A newly disclosed critical vulnerability in React Server Components, tracked as CVE-2025-55182 and popularly dubbed React2Shell, has rapidly become a…

US Government Exposes BRICKSTORM: A Stealthy PRC Cyber Espionage Platform US cybersecurity authorities have disclosed a long-running cyber espionage campaign attributed to People’s Republic of China (PRC) state-sponsored hackers, centered…