Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Computer Weekly

Cloudflare fixes second outage in a month

A change to web application firewall policies at Cloudflare caused problems across the internet just a couple of weeks after ...
CSO Online

December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Attacker with local access could escalate privileges, Microsoft warns; analyst calls it ‘the most urgent concern’ this month.
CSO Online

Windows shortcuts’ use as a vector for malware may be cut short

A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while ...