On 4 December 2025, the Apache Software Foundation disclosed a critical vulnerability — CVE-2025-66516, rated the maximum CVSS 10.0 — in the Apache Tika library. Because Tika underpins search engines, ECM platforms, DLP systems,...
Two China-linked hacking groups began exploiting a critical vulnerability in React Server Components just hours after it became public. The flaw — CVE-2025-55182, rated a maximum 10 — has already been dubbed React2Shell and...
Developers and administrators worldwide are scrambling to update their servers after the disclosure of a critical vulnerability in React Server — a flaw that enables unauthenticated remote code execution through a single crafted HTTP...
A recently patched vulnerability in Microsoft’s Windows Server Update Services has triggered a wave of attacks involving one of the most notable espionage tools of recent years. The incidents underscore how swiftly adversaries move...
A critical vulnerability discovered in the WordPress visual theme “Motors” has enabled hackers to seize administrative privileges en masse, granting them full control over compromised websites. Identified as CVE-2025-4322, the flaw represents a privilege...
