Security Boulevard

Exploitation Efforts Against Critical React2Shell Flaw Accelerate

The exploitation efforts by China-nexus groups and other bad actors against the critical and easily abused React2Shell flaw in the popular React and Next.js software accelerated over the weekend, with ...
The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting ...

It never rains, but it pours: A security bug with a maximum severity rating is putting many of the worlds' servers at risk

It's so bad that it has a maximum severity rating on the CVE database. Fortunately, React's developers created a fix almost ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...

Admins and defenders gird themselves against maximum-severity server vuln

According to Wiz and fellow security firm Aikido, the vulnerability, tracked as CVE-2025-55182, resides in Flight, a protocol ...