meta News Articles

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

The availability of exploit code will likely lead to more widespread opportunistic attacks

3 weeks ago

Hackers Launched 8.1 Million Attack Sessions to React2Shell Vulnerability

The React2Shell vulnerability (CVE-2025-55182) continues to face a relentless exploitation campaign, with threat actors launching more than 8.1 million attack sessions since its initial disclosure.

1 month ago

React2Shell Vulnerability Hit by 8.1 Million Attack Attempts

The React Server Components (RSC) "Flight" protocol remote code execution vulnerability, tracked as CVE-2025-55182 and publicly referred to as "React2Shell,"

1 month ago

Hackers Launch 8.1 Million Attack Sessions Exploiting React2Shell Vulnerability

Security monitoring firm GreyNoise reported on January 7, 2026, that the vulnerability has been exploited in over 8.1 million attack sessions since its initial disclosure

1 month ago

React2Shell under attack: RondoDox Botnet spreads miners and malware

RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers.

React2Shell under attack: RondoDox Botnet spreads miners and malware

RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers.

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and malware worldwide.

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers.

Validated External Risk Issues: SOC Alerts for Zero-Days | Wiz Blog

Validated External Risk Issues are high-fidelity ASM alerts triggered by verified external attack paths – demonstrated through the React2Shell zero-day.

OpenAI GPT-5.2-Codex Launch Empowers Agentic Coding

Discover how OpenAI GPT-5.2-Codex is revolutionizing coding with agentic capabilities, ushering in the next era of self-sufficient software development.

React2Shell ransomware: Weaxor deployed on vulnerable server

Attackers deployed Weaxor ransomware less than a minute after initial access.

CVE-2025-55182: Initial Analysis of React2Shell Exploitations | Bitsight

CVE-2025-55182 (React2Shell) was exploited within 48 hours. Read our initial findings on attack patterns, payloads, and botnets targeting this RCE vuln.

No, GPT-5.1 Didn’t Save React: The Viral Lie Exposed

On December 19, a claim from fintech commentator Wes Roth moved through the security community on X with the speed of a zero-day exploit.ContentsA Verified Bug, An Unverified BackstoryInside CVE-2025-55183: The Technical RealityThe Attribution WarsA Warning Shot “AI just helped patch the real web.” ...

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution...

React2Shell fallout spreads to sensitive targets as public exploits hit all-time high

Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE ever.

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

Breach Roundup: DPRK-Linked EtherRAT Targets React2Shell

This week, likely North Korean hackers exploited React2Shell. The Dutch government defended its seizure of Nexperia. Prompt injection may be here to stay. Hikvision

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later.

More China-linked groups exploit React2Shell CVE-2025-55182 zero-day

Five new China-linked groups join rapid React2Shell exploitation, raising urgency to patch now.

Microsoft Details Mitigations Against React2Shell RCE Vulnerability in React Server Components

Microsoft issued mitigations for React2Shell (CVE-2025-55182), a critical pre-auth RCE flaw impacting React Server Components and Next.js.

React2Shell CVE-2025-55182: Critical RCE Risk in Web Applications

React2Shell (CVE-2025-55182) explained a critical warning for web developers about a severe React Server Components vulnerability, its impact on modern apps, and how to respond.

Critical React flaw triggers a wave of crypto wallet drainers - Cryptopolitan

SEAL Security researchers warned that a critical React flaw fueled a surge in wallet-draining attacks on crypto websites.

Microsoft Outlines Mitigation for React2Shell RCE Vulnerability in React Server Components

Microsoft has released comprehensive guidance on CVE-2025-55182, a critical pre-authentication remote code execution (RCE) vulnerability.

CVE-2025-55182: Critical React Vulnerability Hits Crypto Frontends

CVE-2025-55182: Critical React vulnerability hits crypto Frontends, and is already being used in crypto-drainer attacks against legitimate sites.