CSOonline

React2Shell is the Log4j moment for front end development

Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Attackers initially exploited ...
Hosted on MSN

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

React2Shell (CVE-2025-55182) critical flaw exploited by Chinese and North Korean groups North Korea deploys EtherRAT implant with Ethereum C2, Linux persistence, and Node.js runtime Researchers urge ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture ...