GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate ...
InfoWorld

A proactive defense against npm supply chain attacks

Open-source software has become the backbone of modern development, but with that dependency comes a widening attack surface. The npm ecosystem in particular has been a high-value target for ...
Infosecurity-magazine.com

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...