The Hacker News

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.
Bleeping Computer

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by ...
TWCN Tech News

Clipchamp not uploading or saving files to OneDrive

If Clipchamp is not uploading or saving files to OneDrive, here is how you can fix the issue. As there could be several reasons, here we have consolidated some of the most common causes and solutions ...
Yahoo

Republicans and Democrats react to major redactions in latest Epstein files release

Add Yahoo as a preferred source to see more of our stories on Google. Some Republican and Democratic lawmakers are criticizing the Justice Department's latest release of files related to Jeffrey ...
Hosted on MSN

Republicans and Democrats react to major redactions in latest Epstein files release

Some Republican and Democratic lawmakers are criticizing the Justice Department's latest release of files related to Jeffrey Epstein after more than 500 pages were entirely blacked out, CBS News has ...
Hosted on MSN

Democrats react to expected partial release of Epstein files

New Mexico Democratic Rep. Teresa Leger Fernández joins ABC News Live to discuss Friday’s expected partial release of the Epstein files and Democrats’ push to make the remaining documents public.
ZDNet

Google just made it easier to upload files in AI Mode - try it now

Google had made it easier to upload documents in AI Mode. A new plus button allows you to upload files and images for AI analysis. The feature is only appearing on desktop mode for now. Google just ...
Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
winbuzzer.com

Severe React Server Components Flaw Exposes Millions of Apps and Websites

Millions of web applications face immediate risk following the disclosure of a catastrophic flaw in the React Server Components (RSC) architecture. Identified as CVE-2025-55182, the vulnerability ...