Overview

  • Meta
  • react-server-dom-webpack

Published: 03 Dec 2025
Updated: 26 Feb 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 66.27%

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 10 Posts
  • 1 Interaction

Last activity: Last hour

Bluesky

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts Steal Credentials reconbee.com/hackers-expl... #hackers #Nextjs #credentials #cybersecurity #cyberattack
  • 0
  • 1
  • 0
  • 10h ago
~Talos~ AI lowers the barrier for BEC attacks, while a massive campaign exploits Next.js React2Shell to harvest cloud credentials. - IOCs: CVE-2025-55182 - #BEC #React2Shell #ThreatIntel
  • 0
  • 0
  • 0
  • 21h ago
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html
  • 0
  • 0
  • 2
  • 20h ago
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 17h ago
Hackers exploit CVE-2025-55182, break into 766 Next.js hosts and steal credentials: Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials #HackerNews (Apr 2) thehackernews.com/2026/04/hack...
  • 0
  • 0
  • 0
  • 17h ago
Looks like secrets and the like are being stolen left and right: Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html
  • 0
  • 0
  • 0
  • 17h ago
Hackers exploited CVE-2025-55182 (React2Shell) to breach 766 Next.js hosts, deploying NEXUS Listener to steal database credentials, SSH keys, and cloud tokens. Impact spans multiple regions and cloud providers. #NextjsBreach #CredentialTheft
  • 0
  • 0
  • 0
  • 8h ago
React2Shell Unleashed: 700+ Nextjs Servers Hacked in Massive Credential Harvesting Campaign + Video Introduction: A critical remote code execution (RCE) vulnerability in React Server Components, tracked as CVE-2025-55182 and codenamed "React2Shell", has been actively exploited by the threat actor…
  • 0
  • 0
  • 0
  • Last hour

Overview

  • TrueConf
  • TrueConf Client

Published: 30 Mar 2026
Updated: 03 Apr 2026

CVSS v3.1: HIGH (7.8)
EPSS: 1.22%

Description

TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

Statistics

  • 5 Posts

Last activity: 13 hours ago

Fediverse

Geopolitical tensions escalate between Algeria and Morocco, impacting European security and energy stability. In technology, IBM and Arm announced a strategic collaboration on new dual-architecture hardware for future AI and data-intensive workloads. On the cybersecurity front, CISA added a new exploited vulnerability (CVE-2026-3502) to its catalog, while L.A. Metro confirmed a mid-March hack, with systems still being restored.

#AnonNews_irc #Cybersecurity #News

  • 0
  • 0
  • 0
  • 13h ago

Bluesky

~Cisa~ CISA added CVE-2026-3502, a TrueConf Client integrity check flaw, to its KEV catalog due to active exploitation. - IOCs: CVE-2026-3502 - #CISA #CVE2026_3502 #threatintel
  • 0
  • 0
  • 0
  • 21h ago
📢 Operation TrueChaos: TrueConf zero-day exploited against governments in Southeast Asia 📝 ## 🔍 Context Published on 30 March… https://cyberveille.ch/posts/2026-04-02-operation-truechaos-zero-day-dans-trueconf-exploite-contre-des-gouvernements-en-asie-du-sud-est/ #CVE_2026_3502 #Cyberveille
  • 0
  • 0
  • 0
  • 21h ago
CISA adds one known exploited vulnerability to its catalog: CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Apr 2) CVE-2026-3502 TrueConf Client download of code without integrity check vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 17h ago
CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability
  • 0
  • 0
  • 0
  • 13h ago

Overview

  • Google
  • Chrome

Published: 01 Apr 2026
Updated: 02 Apr 2026

CVSS: Pending
EPSS: 3.03%

Description

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 3 Posts
  • 3 Interactions

Last activity: 11 hours ago

Fediverse

Microsoft Edge 146.0.3856.97 fixes 17 security vulnerabilities, including CVE-2026-5281 as an exploit

deskmodder.de/blog/2026/04/03/

  • 2
  • 1
  • 1
  • 11h ago

Bluesky

CVE-2026-5281 Google Dawn Use-After-Free Vulnerability
  • 0
  • 0
  • 0
  • 13h ago

Overview

  • Cisco
  • Cisco Enterprise NFV Infrastructure Software

Published: 01 Apr 2026
Updated: 02 Apr 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 0.03%

KEV

Description

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.

Statistics

  • 3 Posts
  • 3 Interactions

Last activity: 4 hours ago

Bluesky

Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093) 🔗 Read more: www.helpnetsecurity.com/2026/04/03/c... #vulnerability #securityupdate #cybersecurity
  • 1
  • 1
  • 0
  • 4h ago
Cisco patches two 9.8 CVSS flaws (CVE-2026-20093, CVE-2026-20160), preventing authentication bypass and root access.
  • 0
  • 1
  • 0
  • 19h ago
Cisco patches two critical flaws: an IMC auth bypass (CVE-2026-20093) allowing password changes, and an SSM On-Prem remote code execution (CVE-2026-20160). Both score 9.8 CVSS with no workaround. #Cisco #RemoteExploit #USA
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Progress
  • ShareFile Storage Zones Controller

Published: 02 Apr 2026
Updated: 03 Apr 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 0.41%

KEV

Description

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

Statistics

  • 4 Posts
  • 8 Interactions

Last activity: 7 hours ago

Bluesky

We added Progress ShareFile fingerprinting to our scans & reports with 784 unique IPs seen exposed on 2026-04-02. watchTowr recently disclosed details behind an RCE CVE-2026-2699 & CVE-2026-2701 exploit chain affecting ShareFile. Make sure to apply the latest patch!
  • 2
  • 6
  • 0
  • 7h ago
Two chained vulnerabilities (CVE-2026-2699 & CVE-2026-2701) in Progress ShareFile Storage Zones Controller enable unauthenticated file access and remote code execution. Patch version 5.12.4 fixes the issues. #ShareFile #RemoteCodeExec #USA
  • 0
  • 0
  • 0
  • 23h ago
📢 Progress ShareFile: pre-authenticated RCE chain via CVE-2026-2699 and CVE-2026-2701 📝 ## 🔍 Context Published on 2 April 2026 by watchTowr Labs, this… https://cyberveille.ch/posts/2026-04-02-progress-sharefile-chaine-rce-pre-authentifiee-via-cve-2026-2699-et-cve-2026-2701/ #ASPX_Webshell #Cyberveille
  • 0
  • 0
  • 0
  • 21h ago
CVE-2026-2699 NVD entry: nvd.nist.gov/vuln/detail/... CVE-2026-2701 NVD entry: nvd.nist.gov/vuln/detail/... #CyberCivilDefense
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Progress
  • ShareFile Storage Zones Controller

Published: 02 Apr 2026
Updated: 03 Apr 2026

CVSS v3.1: CRITICAL (9.1)
EPSS: 0.19%

KEV

Description

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

Statistics

  • 4 Posts
  • 8 Interactions

Last activity: 7 hours ago

Bluesky

We added Progress ShareFile fingerprinting to our scans & reports with 784 unique IPs seen exposed on 2026-04-02. watchTowr recently disclosed details behind an RCE CVE-2026-2699 & CVE-2026-2701 exploit chain affecting ShareFile. Make sure to apply the latest patch!
  • 2
  • 6
  • 0
  • 7h ago
Two chained vulnerabilities (CVE-2026-2699 & CVE-2026-2701) in Progress ShareFile Storage Zones Controller enable unauthenticated file access and remote code execution. Patch version 5.12.4 fixes the issues. #ShareFile #RemoteCodeExec #USA
  • 0
  • 0
  • 0
  • 23h ago
📢 Progress ShareFile: pre-authenticated RCE chain via CVE-2026-2699 and CVE-2026-2701 📝 ## 🔍 Context Published on 2 April 2026 by watchTowr Labs, this… https://cyberveille.ch/posts/2026-04-02-progress-sharefile-chaine-rce-pre-authentifiee-via-cve-2026-2699-et-cve-2026-2701/ #ASPX_Webshell #Cyberveille
  • 0
  • 0
  • 0
  • 21h ago
CVE-2026-2699 NVD entry: nvd.nist.gov/vuln/detail/... CVE-2026-2701 NVD entry: nvd.nist.gov/vuln/detail/... #CyberCivilDefense
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Cisco
  • Cisco Smart Software Manager On-Prem

Published: 01 Apr 2026
Updated: 02 Apr 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 0.17%

KEV

Description

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of an internal service. An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 9 hours ago

Bluesky

Cisco patches two 9.8 CVSS flaws (CVE-2026-20093, CVE-2026-20160), preventing authentication bypass and root access.
  • 0
  • 1
  • 0
  • 19h ago
Cisco patches two critical flaws: an IMC auth bypass (CVE-2026-20093) allowing password changes, and an SSM On-Prem remote code execution (CVE-2026-20160). Both score 9.8 CVSS with no workaround. #Cisco #RemoteExploit #USA
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • F5
  • BIG-IP

Published: 15 Oct 2025
Updated: 31 Mar 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 41.41%

Description

When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

  • 2 Posts

Last activity: 18 hours ago

Bluesky

📢 CVE-2025-53521: More than 14,000 F5 BIG-IP APM instances exposed to active RCE attacks 📝 ## 🗓️ Context Source: BleepingComputer — Articl… https://cyberveille.ch/posts/2026-04-02-cve-2025-53521-plus-de-14-000-instances-f5-big-ip-apm-exposees-a-des-attaques-rce-actives/ #CISA_KEV #Cyberveille
  • 0
  • 0
  • 0
  • 18h ago
📢 F5 BIG-IP flaw reclassified as critical RCE and actively exploited 📝 --- ## CVE-2025-53521: The F5 BIG-IP flaw reclassified as critical RCE, exploitation act… https://cyberveille.ch/posts/2026-04-02-faille-f5-big-ip-reclassifiee-en-rce-critique-et-exploitee-activement/ #F5_BIG_IP #Cyberveille
  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Microsoft
  • Azure Kubernetes Service

Published: 02 Apr 2026
Updated: 03 Apr 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 0.05%

KEV

Description

Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

Statistics

  • 1 Post

Last activity: 4 hours ago

Fediverse

CVE-2026-33105 hits Azure Kubernetes Service with CVSS 10.0. Unauthenticated remote privilege escalation - Microsoft patched it but check your AKS clusters. Critical severity, no user interaction required.

  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Intermesh
  • groupoffice

Published: 02 Apr 2026
Updated: 03 Apr 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 0.45%

KEV

Description

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.156, 25.0.90, and 26.0.12, a vulnerability in the AbstractSettingsCollection model leads to insecure deserialization when these settings are loaded. By injecting a serialized FileCookieJar object into a setting string, an authenticated attacker can achieve Arbitrary File Write, leading directly to Remote Code Execution (RCE) on the server. This issue has been patched in versions 6.8.156, 25.0.90, and 26.0.12.

Statistics

  • 1 Post

Last activity: 8 hours ago

Fediverse

🚨 CVE-2026-34838 (CRITICAL, CVSS 10): Group-Office <6.8.156, <25.0.90, <26.0.12 vulnerable to insecure deserialization (CWE-502). Authenticated attackers can achieve RCE by injecting malicious serialized objects. Patch now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 8h ago