Breach Roundup: DPRK-Linked EtherRAT Targets React2Shell

Also, Dutch Defend the Nexperia Takeover, Hikvision Challenges FCC, Qilin Strikes Pooja Tikekar (@PoojaTikekar) • December 11, 2025

Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week, likely North Korean hackers exploited React2Shell to deploy EtherRAT, the Dutch government defended its seizure of chipmaker Nexperia and the U.K. National Cyber Security Centre warned prompt injection may be here to stay. Hikvision pushed back against a new U.S. crackdown. Qilin claimed a breach of Scientology systems, Microsoft's year-end Patch Tuesday fixed a Windows zero-day and MuddyWater hit Middle Eastern targets.

See Also: Going Beyond the Copilot Pilot - A CISO's Perspective

Hackers wielding tools closely linked with North Korea threat actors are exploiting the recently disclosed React2Shell vulnerability to deploy a new remote access Trojan.

Researchers at Sysdig say the Trojan, now tracked as EtherRAT, is unlike the ...