weekly
SIGNALS WEEKLY: React2Shell in the Wild, BRICKSTORM in the Walls, Predator on the Phone
React2Shell in the wild, BRICKSTORM in the walls, Predator on the phone. Not a dystopian haiku—this week’s risk stack. 🧯🕳️📱
brickstorm
unc5221
Will UNC5221 pop a fresh zero-day before Dec 31? Updated!
UNC5221 is an edge-focused PRC espionage actor repeatedly tied to zero-days (Ivanti 2023–2025; prior NetScaler). Edge products remained a major zero-day target in 2024. But public attributions typically lag exploitation by weeks, and the window is short...
unc5221
By Dec 31, 2025, will UNC5221 be publicly linked to exploiting at least one new zero-day?
Question: By Dec 31, 2025, will UNC5221 be publicly linked to exploiting at least one new zero-day in a non-Ivanti edge platform (e.g., VMware vCenter/ESXi, Citrix NetScaler, F5, Palo Alto, Fortinet)?