The Register

React2Shell exploitation spreads as Microsoft counts hundreds of hacked machines

Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the ...
GovInfoSecurity

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of ...
The Hacker News

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

This week’s ThreatsDay Bulletin covers USB malware, fake crypto scams, CastleRAT, new cyber laws, and falling ransomware profits.
Security Boulevard

Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity ...

RCE flaw in React and Next.js is being actively exploited by China-nexus threat groups, prompting urgent patching and global mitigations.

Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the ...

One of the most popular web app frameworks has a major security flaw

Alas, no, as it turns out that a very popular web app framework, used heavily in servers around the world, has been ...
BankInfoSecurity

Chinese Nation-State Groups Tied to 'React2Shell' Targeting

Warnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat ...
Techzine Europe

React2Shell exploited hours after discovery

Amazon detects active attacks by Chinese state hackers on the critical React2Shell vulnerability (CVE-2025-55182). The Earth ...
Network World

Cloudflare firewall reacts badly to React exploit mitigation

That vulnerability, tracked as CVE-2025-55182, enables attackers to remotely execute code on web servers running the React 19 library. Cloudflare was no doubt attempting to protect those of its ...