InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...

Google clarifies canonicalization with JavaScript

Google added a section on canonicalization best practices for JavaScript to the JavaScript SEO best practices document.
CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited ...
The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...
GitHub

GitHub - Oblosys/react-lifecycle-visualizer: Real-time visualizer for React lifecycle methods

An npm package (react-lifecycle-visualizer) for tracing & visualizing lifecycle methods of React class components. (For function components and hooks, check out react-hook-tracer instead.) To trace a ...

Patch Now! Critical Malware Vulnerability Threatens React

The JavaScript programming library React and certain apps created with it are vulnerable. Security updates are available for download.
GitHub

The JavaScript bundler for React Native.

Metro is included with React Native — see the React Native docs to quickly get started ⏱️. To add Metro to an existing project, see our Getting Started guide. Metro was previously part of the ...