This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...

In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers. The targeted security defect, tracked as CVE-2025-55182, impacts systems relying on ...

TLDR: We’re postponing the announced billing change for self-hosted GitHub Actions to take time to re-evaluate our approach. We are continuing to reduce hosted-runners prices by up to 39% on January 1 ...

From record-breaking DDoS attacks to millions infected by malicious extensions, this week delivered some of the most alarming cyber incidents of the year. I've been writing and editing stories for ...

Attacks on smart devices at home have “exploded” in the past year, turning your innocent looking tech into “exit points for other people’s traffic.” You won’t know until it’s too late. “Your internet ...

Security researchers at Fortinet’s FortiGuard Labs have identified a new Mirai-based botnet called ShadowV2 that quietly emerged during the major AWS outage in October, targeting vulnerable IoT ...

A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. Fortinet’s FortiGuard Labs ...

Microsoft Azure Fends Off ‘Largest DDoS Attack Ever Observed in the Cloud’ Your email has been sent Microsoft confirmed that Azure blocked a denial-of-service attack that involved more than 500,000 IP ...

Microsoft says the attack, sourced from more than 500,000 compromised IPs, exposes deep weaknesses in home IoT and raises questions about enterprise DDoS readiness. Azure has blocked its largest DDoS ...

An international coalition of law enforcement agencies coordinated by Europol targeted and took down three cybercrime operations in its latest round of what authorities call “Operation Endgame.” In a ...

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested ...