The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
Cybernews

Attackers exploit React2Shell vulnerability to target home CCTV, smart plugs, and TVs

React2Shell, a critical Node.js vulnerability, is driving massive global exploitation as attackers target smart devices and ...
SecurityWeek

React2Shell Attacks Linked to North Korean Hackers

Attacks exploiting the recently emerged React vulnerability dubbed React2Shell appear to have been conducted by North Korean ...

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...
腾讯网

朝鲜关联黑客组织利用React2Shell漏洞部署新型EtherRAT恶意软件

EtherRAT与C2服务器建立联系后,会进入每500毫秒执行一次的轮询循环,将任何超过10个字符的响应解释为要在受感染机器上运行的JavaScript代码。该恶意软件通过五种不同方法实现持久化: ...
Infosecurity Magazine

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...
Cybernews

Compromised Next.js devices weaponized by attackers: thousands remain vulnerable

Security researchers warn that hundreds of compromised Next.js devices are attacking others, and tens of thousands of servers ...
InfoQ中国 on MSN

Vike发布Photon平台,搭载新一代JavaScript部署基础设施并集成Cloudflare服务

Vike(一个用于构建高级Web应用程序的灵活框架)推出Photon,这是一个可以在任何平台上部署JavaScript服务器的下一代基础设施。Photon标志着开发人员在服务器部署与集成方式上的重大转变。

1995年的“10天黑客实验”如何转身成为支撑互联网的JavaScript

1995年12月,网景通信公司与太阳微系统公司联合宣布了一种全新的网页脚本语言——JavaScript,这门诞生于网景公司内部、仅用10天时间拼出的“黑客式原型”,如今已经成为互联网上最重要的编程语言之一。 虽然当年的原始版本直到同年9月才随 ...

Terminally ill mum gets thousands of cards for her last Christmas after plea

When Clare Jones put up a Facebook post asking for extra Christmas cards to make her last Christmas "super special", she ...
Security Boulevard

How to Code Signing an Electron.js App for macOS?

Why Code Signing Isn’t Optional? If you’ve ever tried running an unsigned app on macOS, you already know how brutal the experience is. You double-click your .app file, and that dreaded message appears ...