The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure.
CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...
A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...
The Register on MSN
Half of exposed React servers remain unpatched amid active exploitation
Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews Half of the internet-facing ...
A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...
A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
A maximum-severity vulnerability affecting the React JavaScript library is under attack by Chinese-nexus actors, further ...
Attacks exploiting the recently emerged React vulnerability dubbed React2Shell appear to have been conducted by North Korean ...
Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the ...
Security firms have seen cryptocurrency miners, Linux backdoors, botnet malware, and post-exploitation implants in ...
It has been seen spreading cryptojacking malware and in attempts to steal cloud credentials from compromised machines.
Bad actors that include nation-state groups to financially-motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threat ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback