Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR ...
SecurityWeek

Critical Apache Tika Vulnerability Leads to XXE Injection

CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...

How Agentic BAS AI Turns Threat Headlines Into Defense Strategies

Picus Security explains why relying on LLM-generated attack scripts is risky and how an agentic approach maps real threat ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked ...
Infosecurity Magazine

React2Shell Under Active Exploitation by China-Nexus Hackers

React2Shell (CVE-2025-55182) is under active exploitation by Earth Lamia and Jackpot Panda, risking over two million ...