React2Shell Zero-Day Exploited by Chinese APTs, Triggers Global Cloudflare Outage; FinCEN Reports Ransomware Payments Top $2.1B

Publication Date: December 6, 2025

Summary

This cybersecurity brief for December 6, 2025, covers a critical 24-hour period dominated by the active exploitation of the React2Shell vulnerability (CVE-2025-55182). Chinese state-sponsored actors weaponized the CVSS 10.0 flaw within hours, prompting CISA to add it to the KEV catalog. The rush to mitigate the threat inadvertently caused a major global outage at Cloudflare. Concurrently, a new FinCEN report revealed ransomware payments have surpassed $2.1 billion in three years, highlighting the persistent financial drain of cybercrime. Other significant developments include the emergence of the Benzona ransomware, the Albiriox Android RAT, and a new cybercrime supergroup, 'Scattered LAPSUS$ Hunters,' threatening Salesforce data.

Today's New Articles

Cloudflare Outage Hits 28% of Global Traffic After Faulty React2Shell Patch

Cloudflare, a leading internet infrastructure provider, experienced a 25-minute global outage on December 5, 2025, that impacted approximately 28% of its HTTP traffic and made numerous popular websites inaccessible. The company quickly confirmed the disruption...


AI Infrastructure at Risk: MCP Servers Emerge as New Supply Chain Threat

A new security advisory warns that Model Context Protocol (MCP) servers represent a significant and growing supply chain risk for organizations building AI-powered applications. These servers act as highly privileged automation engines, often possessing truste...


Iran Bans Officials From Using All Internet-Connected Devices Over Espionage Fears

In a drastic measure to combat espionage, Iran's Cybersecurity Command has banned all government officials and their security staff from using any device connected to public communication networks. The directive, reported on December 5, 2025, includes smartpho...

Article Updates

Massive Supply Chain Attack Hits 200+ Companies via Salesforce App; Hacker Group Claims Breach

Update: The cybercrime supergroup 'Scattered LAPSUS$ Hunters' has escalated its campaign by launching a dark web leak site. The group, comprising members of Lapsus$, Scattered Spider, and ShinyHunters, is now threatening to leak approximately one billion records alleg...