Alexander Leonov Profile
Alexander Leonov

@leonov_av

Vulnerability assessment, *nix security, compliance management, security automation

Joined September 2011
2 days
🚨 React2Shell RCE (CVE-2025-55182): unauth RCE via insecure deserialization in React Server Components, patched Dec 3, public exploits since Dec 3, 100k+ hosts exposed, CISA KEV Dec 9, 60+ organizations compromised. #React #RSC ➡️ https://t.co/xC6cNl7lPh
3 days
📄 December Linux Patch Wednesday. 650 vulns, 399 in Linux Kernel. No in-the-wild exploitation. 29 with public exploits or evidence of their existence. #Vulristics #Linux #JupyterLab #fontTools #Cacti #CUPS #ApacheTika #phpPgAdmin #cpphttplib #Chromium ➡️ https://t.co/7HSRV2NyAO
8 days
⚡️ December "In the Trend of VM" (#22): 4 trending vulnerabilities in Windows, expr-eval, Control Web Panel, and Django — compact but important. 💽🔥 #TrendVulns #PositiveTechnologies ➡️ https://t.co/d37g0uSwS0
9 days
🚨 CWP RCE (CVE-2025-48703): unauth cmd injection via t_total, patched 0.9.8.1205, write‑up Jun22, CISA KEV Nov4, ~220k servers online #CWP #RCE ➡️ https://t.co/jeg7ZW8qIx
10 days
🚨 CVE-2025-12735 in expr-eval - insufficient input validation enables JS RCE; PoC on GitHub; fixes pending in the main project and its fork; 800k+ weekly downloads; no in-the-wild exploitation so far. #expreval #JavaScript #npm ➡️ https://t.co/uvRm8zeCM4
12 days
🚨 December #Microsoft Patch Tuesday: 56 vulnerabilities fixed - 9 fewer than in November. 1 vulnerability is actively exploited in the wild (#Windows Cloud Files Mini Filter Driver EoP, CVE-2025-62221). No public exploits so far. #PatchTuesday ➡️ https://t.co/bSpWEz0SeV
13 days
Just wrote about the critical Windows Kernel EoP CVE-2025-62215 from November MSPT. Local attackers could gain SYSTEM via Race Condition & Double Free. Patch now ⚙️ Waiting for December MSPT today ⏳ #Microsoft #Windows ➡️ https://t.co/o0vgf6Q3PN
26 days
🎯🐍 CVE-2025-64459: Django SQL Injection vuln = DB logic manipulation + possible auth bypass & priv escalation. Patch dropped Nov 5, exploit came Nov 6. No active attacks… yet. Django = 32% web framework share & millions of sites. #Django #Python ➡️ https://t.co/IQbdtMji4I
1 month
📄 November Linux Patch Wednesday. 516 vulns, 232 in Linux Kernel. One exploited in the wild. 64 more with public exploits. #Vulristics #Linux #Samba #ApacheTomcat #NVIDIACTK #Lasso #QuickJS #Keras #Django #Webmin #Squid #BIND #Suricata ➡️ https://t.co/3xRK414Aug
1 month
⚡️ November "In the Trend of VM" (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. Here's a big digest after several months - a total of 9 vulnerabilities! 🔥 #TrendVulns #PositiveTechnologies ➡️ https://t.co/a80jkw3VGE
1 month
🚨 November Microsoft Patch Tuesday: 65 vulnerabilities, including 1 exploited in the wild (Windows Kernel EoP CVE-2025-62215). Linux CVEs clutter extended MSPT reports, so I'm covering MSPT-day only. #PatchTuesday #Microsoft #Windows #WinKernel ➡️ https://t.co/BZlN3bYZcq
1 month
🔎 ToolShell's original SharePoint RCE (CVE-2025-49704): demoed at Pwn2Own; PoCs on GitHub; observed exploited in the wild since July 7. #Microsoft #ToolShell #SharePoint ➡️ https://t.co/N8NxDl2vqk
1 month
👾 October’s exploited Windows EoP vulnerability (CVE-2025-59230) hits RasMan – few details so far, but it’s already in CISA KEV. #Microsoft #RasMan ➡️ https://t.co/ffva6Izs5I
2 months
👾 CVE-2025-9491 - attackers can hide command-line args in a .LNK file’s Target field using whitespace characters to trigger RCE - used to deploy PlugX against diplomatic missions 🇭🇺🇧🇪. Microsoft refuses to fix. 🤷‍♂️⚠️ #PlugX #TrendMicro ➡️ https://t.co/1RzvSY2KC0
2 months
🚨 RCE in XWiki (CVE-2025-24893) lets guest users run arbitrary code via crafted SolrSearch requests. Fixed in 15.10.11 / 16.4.1 / 16.5.0RC1 (July 2024). 30+ exploits on GitHub. Now exploited in the wild to deploy cryptominers. #XWiki #VulnCheck ➡️ https://t.co/7GmzuG0aXx
2 months
🎯🐧 CVE-2025-38001: Linux Kernel HFSC vulnerability = root privileges for local attackers. Patch came in June, exploit in July, media silence since. #Linux #LinuxKernel #HFSC ➡️ https://t.co/7795S08FhS
2 months
⚠️ Redis RCE "RediShell" (CVE-2025-49844): ~330k instances exposed on the Internet; PoC public. Patch to 8.2.2 now. #Redis #Wiz ➡️ https://t.co/Oksjh7659X
2 months
🚨 Windows Agere Modem Driver (ltmdm64.sys) CVE‑2025‑24990 lets local attackers gain admin privileges — patched Oct 14, known since 2014; exploit public on Oct 16, CISA flags active attacks. #Windows #Agere #ltmdm64 ➡️ https://t.co/iyvj0ulDpI
2 months
⚠️ XSS in Zimbra (CVE-2025-27915) lets JS run via an email with a malicious .ics — exploit published Sep 30; used in the wild vs Brazil’s military before Jan 27 patch. #Zimbra #StrikeReadyLabs ➡️ https://t.co/tJTVdqpKe2
2 months
⚠️ CVE-2025-59287 — RCE in WSUS is being actively exploited in the wild; a public exploit is available — patch and reboot your WSUS servers now! #Microsoft #Windows #WSUS ➡️ https://t.co/hZep9X8Uqy