Andvch

04/12/2025

🚨 Critical React + Next.js Vulnerability (Severity 10.0) please give a read if you use the framework!!

🚨 Critical React + Next.js Vulnerability (Severity 10.0)

A major security issue has just been disclosed affecting React Server Components and Next.js, rated at the maximum severity level: 10.0.

This vulnerability allows unauthenticated remote code ex*****on — meaning an attacker can run code on your server without logging in. A single crafted request is enough to compromise a system.

If your application uses React 19 or Next.js with the App Router, you are very likely exposed.

🔧 What You Need To Do

Update to the patched versions immediately.
This is not a “later tonight” kind of fix — this is a drop everything and patch now situation.

⚠️ Why This Is Critical
• Total server compromise is possible
• Default setups are affected
• Millions of apps worldwide may be vulnerable

Stay sharp, stay secure

08/05/2025

BREAKING NEWS: (unconfirmed) an emerging threat actor group identifying as "DevMan" has claimed responsibility for cyberattack targeting GMA NEWS & PUBLIC AFFAIRS.

They allege the claim 65GB of data and are reportedly seeking $2.5 million ransom, and are willing to sell it to a single, exclusive buyer.

Image credits: deepwebkonek