Google links more Chinese hacking groups to React2Shell attacks

React2Shell fallout spreads to sensitive targets as public exploits hit all-time high

Fallout from React2Shell — a stubborn vulnerability that impacts wide swaths of the internet’s scaffolding — continues to spread as public exploits and stealth backdoors proliferate and worrying details emerge about the targets attackers are pursuing.  Threat researchers and incident responders are reacting to swift-moving developments on React2Shell with mounting concern. Cybercriminals, ransomware gangs and nation-state threat groups are all s…

React2Shell attacks expand widely across multiple sectors

Researchers warn that state-linked and opportunistic actors are working to exploit flaws in React’s application tools.

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity

React2Shell Attacks Expand Widely Across Multiple Sectors - Cybernoz - Cybersecurity News

Microsoft researchers warned that “several hundred machines” across a wide range of organizations have been compromised via the exploitation of a critical vulnerability in React Server Components, according to a blog post released Monday. The vulnerability, tracked as CVE-2025-55182, allows an unauthenticated attacker to achieve remote code execution due to unsafe deserialization of payloads sent to React Server Function endpoints.  React is a J…