Web Exploits Cause Critical Infrastructure Failure

The provided texts consist of two intelligence briefs from KeysGuard Night Owl detailing a global cyber risk assessment, which is currently rated as HIGH due to escalating threats and disruption. These documents focus urgently on two critical, actively exploited vulnerabilities: React2Shell (CVE-2025-55182), which is tied to China-based exploitation, and GeoServer XXE (CVE-2025-58360), both requiring immediate remediation. The reports emphasize the convergence of exploit pressure with real-world incidents, specifically citing reported cyberattacks against Venezuela’s state oil company (PDVSA) and an email outage affecting Germany’s Bundestag. Finally, the briefs offer technical detection guidance to help defenders hunt for post-exploitation behavior originating from web workers, reinforcing the need for both rapid patching and robust resilience planning.