Legacy protocols continue to create modern security gaps. In February 2026, the Apache Software Foundation disclosed … Apache Tomcat Vulnerability CVE-2026-24733 Enables Security Constraint BypassRead more
web application security
BADIIS Malware Compromises 1,800+ Windows Servers in SEO Poisoning Campaign
A large-scale cyber campaign has compromised over 1,800 Windows servers worldwide, leveraging a sophisticated malware strain … BADIIS Malware Compromises 1,800+ Windows Servers in SEO Poisoning CampaignRead more
Critical Vulnerability in Next-Mdx-Remote: RCE Risk in React SSR
A critical vulnerability in next-mdx-remote has been identified that allows attackers to execute arbitrary code on … Critical Vulnerability in Next-Mdx-Remote: RCE Risk in React SSRRead more
Urgent: Fiber v2 UUID Flaw Enables Session Hijacks & CSRF
A critical vulnerability has been discovered in Fiber v2, a widely used Go web framework, that … Urgent: Fiber v2 UUID Flaw Enables Session Hijacks & CSRFRead more
RondoDoX Botnet: Weaponizing React2Shell to Hijack Next.js & IoT at Scale
In late 2025, a fast‑evolving campaign exposed how quickly modern botnets adapt to newly disclosed web … RondoDoX Botnet: Weaponizing React2Shell to Hijack Next.js & IoT at ScaleRead more