December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

This article contains 10 of what we believe to be the biggest stories we covered throughout the year on SD Times.

Accelerate your tech game Paid Content How the New Space Race Will Drive Innovation How the metaverse will change the future of work and society Managing the ...

Millions of web applications face immediate risk following the disclosure of a catastrophic flaw in the React Server Components (RSC) architecture. Identified as CVE-2025-55182, the vulnerability ...

Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...

A maximum-severity vulnerability in React, a widely used open source software library, could enable remote code execution (RCE) in a massive number of cloud environments, sparking grave concern within ...

Have you ever fixed a bug or launched a new feature while lounging on your couch, coffee in hand, without even touching a traditional workstation? It might sound like a dream, or a bold claim, but ...