Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...
American Hospital Association

CISA alerts of critical vulnerability impacting free program used for building user interfaces

A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and ...

React2Shell RCE flaw exploited by Chinese hackers hours after disclosure

Just as the experts predicted, cybercriminals are now actively exploiting the critical severity vulnerability in React Server ...
TechJuice

A Critical Code Flaw: What You Should Know About the React2Shell Crisis

React2Shell flaw under active attack exposes thousands of React and Next.js apps to remote code execution, forcing urgent ...

Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...
The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting ...
Cybernews

Cloudflare says Friday outage caused by critical React security update, not malicious cyberattack

A major Cloudflare service outage on Friday was caused by a faulty update to mitigate the critical React2Shell vulnerability, ...

Cloudflare blames Friday outage on borked fix for React2shell vuln

Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, ...
Dark Reading

React2Shell Vulnerability Under Attack From China-Nexus Groups

A maximum-severity vulnerability affecting the React JavaScript library is under attack by Chinese-nexus actors, further ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the ...

Experts warn this 'worst case scenario' React vulnerability could soon be exploited - so patch now

React patches a 10/10 flaw that can be used for remote code execution.
Infosecurity Magazine

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...