The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure.
NextBigFuture

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ecosystem. With low exploitation complexity and publicly available PoCs, ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
InfoQ

ASP.NET Core in .NET 10: Major Updates Across Blazor, APIs, and OpenAPI

Microsoft has detailed the major updates to ASP.NET Core arriving as part of last month's .NET 10 release. As reported, this ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked ...

React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...