Less than a week after its public disclosure, a maximum severity vulnerability known as React2Shell has been increasingly exploited by opportunistic threat actors. CVE-2025-55182 is a critical remote ...
The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture ...
TORRANCE, Calif., Dec. 12, 2025 (GLOBE NEWSWIRE) -- In December 2025, the critical React Server Components (RSC) vulnerability known as React2Shell (CVE-2025-55182) was publicly disclosed, revealing a ...
Over the weekend, Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity "React2Shell" remote code execution vulnerability. Tracked as CVE ...
Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...
New data suggests a cyber espionage group is laying the groundwork for attacks against major industries. The "React2Shell" vulnerability is already almost a few months old, but it's far from over. An ...
React2Shell (CVE‑2025‑55182) exploited to compromise hundreds of systems worldwide China‑linked groups and North Korea abuse flaw for persistence, espionage, and cryptomining Patch immediately to ...
Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Attackers initially exploited ...