React2Shell

Entity category: EVENT

Business

RondoDox Botnet Breaches Next.js Servers via React2Shell Flaw

January 2, 2026
Close-up of a black robot with a glowing red eye, surrounded by similar robots.

The RondoDox botnet is actively exploiting the critical React2Shell vulnerability (CVE-2025-55182) to compromise Next.js servers, deploying malware and cryptocurrency miners.…

Read More »
Business

React2Shell flaw fuels ransomware attacks

December 19, 2025
Hacker in hoodie with glowing eyes uses laptop with padlock icon.

The **React2Shell** vulnerability (CVE-2025-55182) is being actively exploited, allowing attackers to gain unauthorized server access and deploy ransomware in under…

Read More »
AI & Tech

ImmuniWeb Boosts AI-Powered Security Testing & Compliance

December 14, 2025
Abstract AI brain inside cube with digital data streams and icons.

ImmuniWeb's Q4 update focuses on identifying AI-specific vulnerabilities, including the OWASP Top 10 for LLMs, and expands capabilities for detecting…

Read More »
Cybersecurity

North Korean Hackers Target React2Shell Flaw in EtherRAT Malware

December 10, 2025
Five hooded figures sit before a laptop, a world map in binary code behind them.

A sophisticated malware implant called EtherRAT exploits the critical React2Shell vulnerability, using Ethereum smart contracts for command-and-control and establishing five…

Read More »
BigTech Companies

Critical ‘React2Shell’ Vulnerability Exposes React.js

December 6, 2025
Warning sign with exclamation point against a binary code background.

A critical vulnerability (CVE-2025-55182) in React.js and Next.js, dubbed React2Shell, allows unauthenticated remote code execution with a severity score of…

Read More »
AI & Tech

Cloudflare Outage Linked to React2Shell Mitigation Efforts

December 6, 2025
Cloudflare logo over a red world map with network connections.

A widespread Cloudflare outage was caused by an emergency security patch for a critical, actively exploited vulnerability (React2Shell/CVE-2025-55182) in React…

Read More »
BigTech Companies

Critical React & Node.js Flaw Patched: Update Now (CVE-2025-55182)

December 5, 2025
Pile of old TVs with a large red X overlayed on the scene.

A critical remote code execution vulnerability (CVE-2025-55182) affects React versions 19.0.0 through 19.2.0, requiring an immediate update to version 19.2.1.…

Read More »