Monthly Archives: December 2025

You are here:

Home
2025
December

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

NewsBy admin December 30, 2025

Dec 30, 2026Ravie LakshmananMalware / Cyber Espionage The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky, which observed the new backdoor…

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

NewsBy admin December 4, 2025

Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2025-55182, carries a CVSS score of 10.0. It allows “unauthenticated remote code execution by exploiting a flaw in how React decodes payloads…