Explore the Shai-Hulud 2.0 npm worm: how this self-replicating malware compromised hundreds of npm packages, exfiltrated credentials, and became one of the most impactful software supply chain attacks of 2025. Learn detection rules, attack workflow, real-world case studies, and effective mitigation strategies for developers and security teams.
React2Shell (CVE-2025-55182) is a critical CVSS 10.0 remote code execution vulnerability in React Server Components and Next.js. Learn how the React2Shell exploit works, which versions are affected, how Chinese threat actors are abusing it in the wild, and get practical detection, mitigation, and incident-response guidance for your React and Next.js applications.
RedTiger an open source red team toolkit has been repurposed into an infostealer that targets Discord, browsers and crypto wallets. Read the technical analysis, IoCs, detection rules and mitigation guidance.
