US EditionInside Vercel’s Sleep-Deprived Race to Contain React2Shell
3 Articles
3 Articles
Inside Vercel’s sleep-deprived race to contain React2Shell
Talha Tariq and his colleagues at Vercel, the company that maintains Next.js, endured many sleep-deprived nights and weekends when React2Shell was discovered and disclosed soon after Thanksgiving. The defect, which affects vast stretches of the internet’s underlying infrastructure, posed a significant risk for Next.js, an open-source library that depends on vulnerable React Server Components. He quickly realized he had a major problem to confron…
Hackers Launched 8.1 Million Attack Sessions To React2Shell Vulnerability - Cybernoz - Cybersecurity News
The React2Shell vulnerability (CVE-2025-55182) continues to face a relentless exploitation campaign, with threat actors launching more than 8.1 million attack sessions since its initial disclosure. According to GreyNoise Observation Grid data, daily attack volumes have stabilized at 300,000–400,000 sessions since peaking above 430,000 in late December, indicating sustained, coordinated exploitation. Over 8.1 million sessions have been seen since…
At the beginning of December, the spectrum of a new Log4J was hovering on the React and Next.js apps with a critical flaw, the CVE-2025-55182. It was quickly called React4Shell. We were talking about it from December 4th: https://www.programz.com/actualites/react-et-nextjs-deux-failles-critiques-découvertes-jour-en-emergency-38655To sum up: These flaws allow you to execute distance code and weaken your default configuration. On React, they affec…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
