The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

Critical React Server Components flaw (CVE-2025-55182) fuels automated attacks dropping miners and multiple new Linux malware ...

The antidote to the JavaScript industrial complex: How XMLUI puts the business developer back in control

The requirements for front-end development have included expertise in React, CSS, and other disciplines, forcing ...

From Prompt to Publish, Google Firebase Studio Creates Full Stack Apps & Hosts Them

Firebase Studio lets you build complete projects fast with templates for Next.js, Express, and Flutter, so you launch working ...
Security Boulevard

Exploitation Efforts Against Critical React2Shell Flaw Accelerate

The exploitation efforts by China-nexus groups and other bad actors against the critical and easily abused React2Shell flaw in the popular React and Next.js software accelerated over the weekend, with ...
Infosecurity Magazine

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
CSO Online

December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Attacker with local access could escalate privileges, Microsoft warns; analyst calls it ‘the most urgent concern’ this month.
American Hospital Association

CISA alerts of critical vulnerability impacting free program used for building user interfaces

A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and ...
DataBreachToday

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked ...
Dark Reading

Exploitation Activity Ramps Up Against React2Shell

Attacks against CVE-2025-55182, which began almost immediately after public disclosure, have increased as more threat actors ...

Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...