Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2025-55182: First Days of React2Shell Exploitations

On December 3rd Lachlan Davidson disclosed an unauthenticated remote code execution vulnerability in React Server Components (RSC) that exploits how React.js (and Next.js) decodes payloads sent to React Server Function endpoints. On December 4th we started observing fingerprinting attempts for these vulnerabilities and on December 5th we started observing exploitation attempts. React.js is used by 66% of the global digital supply, in the top 0.06% of all technologies.

Practitioner Insight: 4 Best Practices for Supply Chain Risk Resilience in Finance

Like any other global industry, financial services companies face tremendous challenges of scale and complexity when it comes to managing cyber risk across their digital supply chain. The financial services supply chain is composed of more than 1.6M third-party relationships across the industry ecosystem.

It's 2 AM. Do You Know Which AIs Your MCP Server Is Talking To?

When Anthropic dropped the Model Context Protocol (MCP) in late 2024, it felt like the missing puzzle piece for AI tooling: a standard way for Large Language Models (LLMs) to talk to data sources, APIs, and pretty much anything else you can think of. Think of it as a USB-C port for AI, as the protocol’s creators like to say. But like most shiny new standards, the devil’s in the details.

Unsubscribed Doesn't Mean Disconnected: The Persistent Risk of Calendar Domains

We trust our devices to keep our lives organized, from reminders and appointments to birthdays and holidays. But behind that convenience lies an invisible risk. Every time you subscribe to an external calendar, you may be granting an unknown third party the ability to send events directly to your device for as long as the subscription remains active.

Security Alert: CVE-2025-66478 & CVE-2025-55182 (React2Shell) - Next.js React Server Components Remote Code Execution

A critical vulnerability, CVE-2025-66478, has been identified in Next.js applications using React Server Components (RSC) with the App Router. This vulnerability receives a CVSS score of 10.0 and a Bitsight Dynamic Vulnerability Exploit (DVE) score of 7.85. This vulnerability may allow remote code execution (RCE) when affected servers process attacker-controlled RSC requests. CVE-2025-66478 is tied to an upstream React issue (CVE-2025-55182–DVE score 9.15) affecting the RSC protocol implementation.

Paying the Ransom: A Short-Term Fix or Long-Term Risks?

According to our 2025 State of the Underground report, ransomware attacks rose by nearly 25% in 2024, and the number of ransomware group leak sites jumped 53%. This surge sets the stage for a critical question: if compromised, should you pay ransomware demands or not? The stakes are enormous, including downtime, data loss, brand damage, and legal risk all hang in the balance.

Making DORA Strategy Practical: What Cybersecurity Leaders Need to Succeed in 2026

For many cybersecurity teams, the race to comply with the Digital Operational Resilience Act (DORA) is well underway, but clarity and confidence remain elusive. With enforcement set to take effect in January 2026, the countdown is on for financial institutions and their ICT providers to prove that they can withstand and recover from digital disruptions. The regulation sets high expectations for cross-functional coordination, ICT risk oversight, third-party accountability, and real-time monitoring.

Survey: Continuous Monitoring Emerges as Top Priority for Security Leaders in Germany

German cybersecurity teams are making meaningful progress in exposure management, but critical gaps remain that limit their ability to reduce business risk. That’s one of the key takeaways from Bitsight’s State of Cyber Risk and Exposure 2025 report, which surveyed 1,000 cyber risk professionals globally, including 150 based in Germany.

The Hidden Dangers of Calendar Subscriptions: 4 Million Devices at Risk

Day-to-day workload can become overwhelming as time passes alongside the growing tasks and responsibilities of both personal and professional lives. Therefore, a well-structured digital calendar may be an essential organizational tool to navigate through the day, helping with the support we need to manage our time and ongoing commitments.

Bitsight Threat Intelligence Briefing: Key Malware Trends Shaping Cyber Risk in 2025

The cybercrime underground continues to evolve into a mature, service-based economy that mirrors legitimate technology markets. Threat actors are increasingly adopting professionalized business models, offering malware, access, and data-theft capabilities “as a service” to a broad audience of buyers. During the first half of 2025, Bitsight observed sustained growth in Malware-as-a-Service (MaaS) and Remote Access Trojan (RAT) activity across dark web forums and marketplaces.