AutoIT3 Compiled Scripts Dropping Shellcodes
Malicious AutoIT3 scripts are usign the FileInstall function to include additional scripts at compile time that are dropped as temporary files during execution.
https://isc.sans.edu/diary/AutoIT3%20Compiled%20Scripts%20Dropping%20Shellcodes/32542
React2Shell Update
The race is on to patch vulnerable systems. Various groups are aggressively scanning the internet with different exploit variants. Some attempt to bypass WAFs.
https://blog.cloudflare.com/5-december-2025-outage/
https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/
Apache Tika XXE Flaw
Apache s Tika library patched a XXE flaw.
https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k