CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...
hodlfm

Hackers Exploit React Flaw to Quietly Drain Crypto Wallets

The issue, tracked as CVE-2025-55182, was disclosed on December 3 by the React team after being identified by white-hat ...
SecurityWeek

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery

UNC6588 exploited CVE-2025-55182 to download a backdoor named Compood, which has typically been used by Chinese hackers in ...
NextBigFuture

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ecosystem. With low exploitation complexity and publicly available PoCs, ...
The Register on MSN

Half of exposed React servers remain unpatched amid active exploitation

Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews Half of the internet-facing ...

From Prompt to Publish, Google Firebase Studio Creates Full Stack Apps & Hosts Them

Firebase Studio lets you build complete projects fast with templates for Next.js, Express, and Flutter, so you launch working ...
The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...

Linux Foundation announces Agentic AI Foundation joined by Anthropic, OpenAI, Block

Released in August, AGENTS.md has already been adopted by over 40,000 open-source projects and coding agents to act as the ...
Infosecurity Magazine

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...