InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate ...
Hackaday

This Week In Security: PostHog, Project Zero Refresh, And Thanks For All The Fish

There’s something immensely satisfying about taking a series of low impact CVEs, and stringing them together into a full exploit. That’s the story we have from [Mehmet Ince] of ...
hodlfm

Hackers Exploit React Flaw to Quietly Drain Crypto Wallets

The issue, tracked as CVE-2025-55182, was disclosed on December 3 by the React team after being identified by white-hat ...