New data suggests a cyber espionage group is laying the groundwork for attacks against major industries. The "React2Shell" vulnerability is already almost a few months old, but it's far from over. An ...

Threat actors exploiting the React2Shell vulnerability in components of React servers are using their access to compromise web domains and divert web traffic for malicious purposes. That’s the ...

Abstract: Disaster relief missions are usually hampered by disconnected communication, poor real-time awareness, and resource coordination inefficiencies. This paper introduces a Disaster Relief ...

Cybersecurity teams disclosed a nine-month campaign that recruited Internet of Things devices and web applications into the RondoDox botnet through late 2025. The activity used the critical ...

The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture ...

Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Attackers initially exploited ...

Add Yahoo as a preferred source to see more of our stories on Google. This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily ...

Google has observed five China-linked threat groups exploiting the recently disclosed React2Shell vulnerability in their attacks. React2Shell, officially tracked as CVE-2025-55182, impacts systems ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation.

Cybersecurity companies have been seeing a wide range of malware being delivered in attacks exploiting the critical React vulnerability dubbed React2Shell. A researcher discovered recently that React, ...