Months after a warning, it is becoming clear how it is being exploited, and why framework patches are just as critical as OS patches. An analysis by Steffen Zahn (Security, Vulnerability)
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. […]
More React2Shell Exploits CVE-2025-55182
Our honeypots continue to detect numerous React2Shell variants. Some using slightly modified exploits
https://isc.sans.edu/diary/More%20React2Shell%20Exploits%20CVE-2025-55182/32572

The Fragile Lock: Novel Bypasses For SAML Authentication
SAML is a tricky protocol to implement correctly, in particular if different XML parsers are used that may not always agree on how to parse a specific message
https://portswigger.net/research/the-fragile-lock […]