CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked ...

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...

Experts warn this 'worst case scenario' React vulnerability could soon be exploited - so patch now

React is one of the most popular JavaScript libraries, which powers much of today’s internet. Researchers recently discovered ...

Critical vulnerability in React JS framework has a near 100% chance to be exploited

Researchers have uncovered a critical security flaw that could have catastrophic consequences for web and private cloud ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.
Ars Technica

Fine Bros back down, rescind trademark claim on the word “react”

Up until last week, the Fine Bros’ biggest claim to fame was their YouTube series of videos that revolved around a “reaction” gimmick, in which they filmed children, elderly people, or other groups of ...