Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On December 3rd Lachlan Davidson disclosed an unauthenticated remote code execution vulnerability in React Server Components (RSC) that exploits how React.js (and Next.js) decodes payloads sent to React Server Function endpoints. On December 4th we started observing fingerprinting attempts for these vulnerabilities and on December 5th we started observing exploitation attempts. React.js is used by 66% of the global digital supply, in the top 0.06% of all technologies.

Every IT Operations team knows the feeling: the alert storm hits, dashboards light up, and another late-night scramble begins. You fix the issue, document it, and brace for the next one. The pattern repeats; not because your team lacks skill or visibility, but because the systems you rely on don’t move as fast as the infrastructure they manage. Downtime doesn’t start when systems fail. It starts when signals go unanswered.

The Ransomware-as-a-Service (RaaS) ecosystem has changed the look and shape of modern day ransomware attacks. Malicious actors typically view their cybercrimes as a business, hoping to make the most amount of money with the least amount of effort. For example, according to research, AI-automated phishing attacks performed similarly to human generated ones and 350% better than the ones sent to the control group.

How Mend.io’s ServiceNow integration helps organizations manage application, network, and operational risks together—at scale. Managing AppSec and network risk as separate programs is no longer realistic for enterprise security teams. Today’s digital environments are interconnected, distributed, and constantly changing. A single misconfiguration, unpatched server, or vulnerable open-source component can become a point of exploitation when combined with weaknesses elsewhere in the stack.

As we look toward 2026, the IT landscape continues to evolve at a rapid pace. The forces of digital transformation, persistent security threats, and economic pressures are compelling organizations to build more resilient, efficient, and intelligent infrastructure. For IT leaders, navigating these changes requires a clear vision and a practical strategy.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Quite a brazen attempt I must say.

2025 was a turning point for identity security. Many professionals realized that traditional human and machine-focused identity solutions just don’t work for AI. AI is non-deterministic like a human, yet it’s still software. This creates an entirely new identity category. Traditional IAM tools would treat AI identities as yet another separate type, creating new silos.

Cybersecurity in 2026 will be driven by economics. Not hype. Not novelty. Economics. Attackers follow financial incentives and scale their operations faster than most enterprises can defend. CISOs must shift from reporting technical metrics to explaining business impact, guide safe AI adoption as Shadow AI grows, and design programs that emphasize resilience over perfection.

To protect your IP, your CAD files need file-level security, unencrypted labelling, digital supply chain security and CAD file data governance. How seriously do you take IP protection? Architecture, Engineering, Construction and Operations (AECO) companies that treat IP protection as an afterthought are sleepwalking into disaster.

APIs now sit at the center of almost every digital product, from mobile apps and SaaS platforms to embedded services. As organizations scale, the number of endpoints grows quickly, as does the attack surface. Unmonitored or misconfigured APIs have already led to major incidents across industries, including data exposure, broken authentication, and large-scale account takeover.