React2Shell vuln exploited by China, Iran, Google warns

React2Shell vuln exploited by China, Iran, Google warns

: Who hasn't exploited this max-severity flaw?

China, Iran Are Having a Field Day With React2Shell, Google Warns

A critical React vulnerability (CVE-2025-55182) is being actively exploited at scale by Chinese, Iranian, North Korean, and criminal groups to gain remote code execution, deploy backdoors, and mine crypto. The Register reports: React maintainers disclosed the critical bug on December 3, and exploitation began almost immediately. According to Amazon's threat intel team, Chinese government crews, including Earth Lamia and Jackpot Panda, started ba…

ZnDoor Malware Exploiting React2Shell Vulnerability to Compromise Network Devices

Since December 2025, a concerning trend has emerged across Japanese organizations as attackers exploit a critical vulnerability in React/Next.js applications. The vulnerability, tracked as CVE-2025-55182 and known as React2Shell, represents a remote code execution flaw attracting widespread exploitation. While initial attacks primarily deployed cryptocurrency miners, security researchers uncovered more sophisticated threats targeting network inf…