Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
fightful

Beyond the Mat: How Modern Fighters Build Their Brand Outside the Ring

The days when a fighter’s value was measured solely by their win-loss record are long gone. In 2025, combat sports athletes are expected to be content creators, social media strategists, and brand ...
The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of ...
GitHub

vercel-labs/fix-react2shell-next

🔍 fix-react2shell-next - CVE-2025-66478 vulnerability scanner 📂 Found 3 package.json file(s) 🚨 Found 2 vulnerable file(s): 📄 package.json next: ^15.1.0 → 15.1.9 📄 apps/web/package.json next: ...
The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) ...