React2Shell: Serious RCE Vulnerability Threatening the Latest Web Frameworks (CVE-2025-55182)
Overview In December 2025, a serious security vulnerability named Reach2Shell was disclosed, shaking the web development ecosystem. This vulnerability affects applications using React Server Components and the Flight protocol, allowing threat actors to execute arbitrary code on the server with a single HTTP request. It has been given a Common
August 2025 Security Issues in Korean & Global Financial Sector
This report comprehensively covers actual cyber threats and security issues related to financial companies in South Korea and abroad. This article includes an analysis of malware and phishing cases distributed to the financial sector, the top 10 malware strains targeting the financial sector, and the industry statistics of leaked Korean
Distribution of Godzilla WebShell Abusing ViewState (Targeting Financial Sector)
Overview AhnLab SEcurity intelligence Center (ASEC) has recently detected an attack targeting financial sector companies. The threat actor primarily targeted ASP.NET environments with vulnerable configurations, abusing the ViewState feature supported by ASP.NET. ViewState is a fundamental feature of ASP.NET that allows the handling of user input or other data
