The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...
Infosecurity Magazine

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...
GovInfoSecurity

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of ...
CSO Online

Warning: React2Shell vulnerability already being exploited by threat actors

It has been seen spreading cryptojacking malware and in attempts to steal cloud credentials from compromised machines.
Security Boulevard

Dangerous RCE Flaw in React, Next.js Threatens Cloud Environments, Apps

Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the ...
CPO Magazine

North Korean Hackers Target Developers with Nearly 200 Malicious NPM Packages in “Contagious Interview” Hacking Campaign

North Korean hackers intensify their efforts against blockchain and Web3 developers, using nearly 200 malicious npm packages ...

Open-source toolkit: AI company Anthropic acquires Bun

AI company Anthropic has acquired the open-source JavaScript toolkit Bun, which it uses for the infrastructure of Claude Code ...
Analytics India Magazine

OpenAI, Anthropic and Block Set up Agentic AI Foundation Under Linux Foundation

The new foundation aims to provide a neutral, open governance structure for the emerging ecosystem of agentic AI systems.
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...
GovInfoSecurity

Chinese Nation-State Groups Tied to 'React2Shell' Targeting

Warnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat ...