Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On Wednesday, December 3, a critical remote code execution (RCE) vulnerability in React Server Components (RSC), dubbed React2Shell (CVE-2025-55182), was disclosed. The CVE was discovered by security researcher Lachlan Davidson. It quickly gained traction with multiple third-party proof of concepts (PoCs) being published of varying quality and credibility.

AI tools have proved their worth in the workplace. They help us write, research, code, plan, and automate. They’re making employees faster and more productive, and helping businesses move and innovate at a pace that wasn’t possible before. But AI’s rise wasn’t orchestrated by IT. It didn’t always arrive through formal adoption plans or procurement cycles. It turned up in shared links to popular GenAI and other tools, self-sanctioned and adopted by users in minutes.

Claude Skills is a new feature from Anthropic that has gained rapid adoption, with more than 17,000+ GitHub stars already since its launch in October 2025, allowing users to create and share custom code modules that expand Claude’s capabilities and streamline workflows. But as this ecosystem grows, Cato CTRL uncovered a serious oversight into how Skills are executed.

On November 18, 2025, a single configuration file change at Cloudflare disrupted access to large parts of the web. Around 11:20 UTC, Cloudflare’s network began returning a surge of HTTP 5xx errors. Users trying to reach services like X (formerly Twitter), ChatGPT/OpenAI, Ikea, Canva, and many others suddenly saw Cloudflare-branded error pages instead of the applications they expected. Cloudflare mitigated the issue, restored service, and published a detailed public report.

HashJack is a newly discovered indirect prompt injection technique that conceals malicious instructions after the # in legitimate URLs. When AI browsers send the full URL (including the fragment) to their AI assistants, those hidden prompts get executed. This enables threat actors to conduct a variety of malicious activities.

As retailers gear up for the year’s biggest sales, cybercriminals are preparing for their own “Black Friday rush.” They’re not after TVs, they’re after data. Last year, phishing surged more than 600%1 during Black Friday week and ransomware attacks rose nearly 60%2.

The SolarWinds supply chain attack in 2020 reminded the world how a single weakness in trusted software can have global consequences. That incident reshaped how organizations view software integrity and the importance of securing every stage of the development pipeline.

In today’s hyper-connected world, organizations face an unprecedented challenge: securing the explosive growth of connected devices across their networks. From laptops and smartphones to IoT and OT systems, the device ecosystem is expanding at a pace that traditional tracking and protection methods cannot keep up with.

The launch of OpenAI Atlas, an AI-powered browser that merges ChatGPT’s intelligence with a full web experience, marks a major leap in how people interact with the internet. Instead of typing queries or clicking through pages, users can now ask, act, and automate, delegating browsing tasks to AI agents capable of retrieving data, filling in forms, or performing actions on their behalf. For businesses, Atlas represents both opportunity and risk.