The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
Security Boulevard

Top CVEs of December 2025

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...
GitHub

Self-Hosted file converter server.

Today we are forced to rely on third party services to convert files to other formats. This is a serious threat to our privacy, if we use such services to convert files with highly sensitive personal ...
Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
techzine

Three new vulnerabilities discovered in React Server Components

Following the critical vulnerability CVE-2025-55182 in React Server Components, researchers have found three new leaks. Two enable denial of service, while the third leaks source code. The React team ...
GitHub

Discord Media Uploader: Automated Mass File Uploading for Discord Server.

Discord Media Uploader is a Python bot that automates the process of uploading files to your Discord server. It allows you to easily share media files, documents, and more with your server members ...
The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of ...