Shady Panda Hides For Years In Legitimate Browser Extensions: Cybersecurity Today

In this episode of 'Cybersecurity Today,' host Jim Love discusses several significant cybersecurity issues. Highlights include a maximum severity vulnerability in React Server Components dubbed React2Shell (CVE-2025-55182), a recently patched Windows shortcut flaw by Microsoft, and new attacks using the Evilginx phishing platform in schools. Additionally, the show explores a long-running campaign by 'Shady Panda,' which used browser extensions to harvest data, and an unexpected failure by Google's AI tool that led to the deletion of a developer's hard drive. The episode also thanks Meter for their continued support.

00:00 Introduction and Sponsor Message<...