Business Insider

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

TORRANCE, Calif., Dec. 12, 2025 (GLOBE NEWSWIRE) -- In December 2025, the critical React Server Components (RSC) vulnerability known as React2Shell (CVE-2025-55182) was publicly disclosed, revealing a ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: Top ...
Hosted on MSN

React2Shell RCE flaw exploited by Chinese hackers hours after disclosure

Critical React2Shell flaw now exploited in the wild by China-linked groups AWS reports global targeting of finance, logistics, retail, IT, universities, and governments for persistence and espionage ...
Hosted on MSN

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

React2Shell (CVE-2025-55182) critical flaw exploited by Chinese and North Korean groups North Korea deploys EtherRAT implant with Ethereum C2, Linux persistence, and Node.js runtime Researchers urge ...
InfoWorld

React2Shell is the Log4j moment for front end development

Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Attackers initially exploited ...