CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked threat actors, Earth Lamia and Jackpot Panda, have been exploiting it in ...

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ...
The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...
HealthcareInfoSecurity

Chinese Nation-State Groups Tied to 'React2Shell' Targeting

Warnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat intelligence analysts warning that it's ...

Cloudflare says its WAF is already protecting users from new React security flaws: Here what it means

Cloudflare activates automatic WAF protection against a major React Server Components flaw as developers race to patch vulnerable systems worldwide.
TechCentral.ie

State-linked groups target critical vulnerability in React Server Components

Researchers warn that critical vulnerabilities in Meta’s React Server Components and Next.js are under threat from botnets and state-linked adversaries. China-nexus threat groups, tracked as Earth ...