Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

As exploitation activity against CVE-2025-55182, researchers are finding some exploits contain bypasses for Web application firewall (WAF) rules.
Arabian Post

EtherRAT campaign exposes React server security gaps

The attack chain centres on a flaw dubbed React2Shell, tracked as CVE-2025-55182, which affects certain configurations of ...
InfoQ

React Advanced 2025: Type Safe URL State Management Takes Center Stage with Nuqs

Nuqs, a cutting-edge open-source URL state manager for React, revolutionizes application development with its type-safe ...
The Register on MSN

Half of exposed React servers remain unpatched amid active exploitation

Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews Half of the internet-facing ...
Visual Studio Magazine

Microsoft Tests Copilot-Powered Tool to Modernize JavaScript/TypeScript in VS Code

Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...
The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
DataBreachToday

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of ...

React2Shell RCE flaw exploited by Chinese hackers hours after disclosure

Just as the experts predicted, cybercriminals are now actively exploiting the critical severity vulnerability in React Server ...
TechJuice

A Critical Code Flaw: What You Should Know About the React2Shell Crisis

React2Shell flaw under active attack exposes thousands of React and Next.js apps to remote code execution, forcing urgent ...

Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...