Infosecurity Magazine

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...

Cloudflare blames today's outage on React2Shell mitigations

Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the ...

JavaScript turns 30: From 10-day prototype to the backbone of the modern web

Thirty years ago, Netscape and Sun Microsystems introduced JavaScript as a new, cross-platform scripting language for building internet applications. Brendan Eich, the language's original designer, ...
Dark Reading

React2Shell Vulnerability Under Attack From China-Nexus Groups

A maximum-severity vulnerability affecting the React JavaScript library is under attack by Chinese-nexus actors, further ...
Que.com on MSN

React and Next.js security risks: Addressing critical vulnerabilities now

In today’s rapidly evolving digital landscape, web developers seek technologies that offer speed, reliability, and flexibility. React and Next.js, two ...

It never rains, but it pours: A security bug with a maximum severity rating is putting many of the worlds' servers at risk

It's so bad that it has a maximum severity rating on the CVE database. Fortunately, React's developers created a fix almost ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...
CRN

React Server Vulnerability Is No Cause For Panic: Security Expert

A critical-severity vulnerability impacting the popular React open-source library deserves attention, but is far from the ...