CSO Online

Warning: React2Shell vulnerability already being exploited by threat actors

It has been seen spreading cryptojacking malware and in attempts to steal cloud credentials from compromised machines.
CRN

React Server Vulnerability Is No Cause For Panic: Security Expert

A critical-severity vulnerability impacting the popular React open-source library deserves attention, but is far from the ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the ...

It never rains, but it pours: A security bug with a maximum severity rating is putting many of the worlds' servers at risk

It's so bad that it has a maximum severity rating on the CVE database. Fortunately, React's developers created a fix almost ...
Infosecurity Magazine

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...

Cloudflare blames today's outage on React2Shell mitigations

Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks.

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...
GitHub

Born - Production-Ready ML for Go

"Models are born production-ready" Born is a modern deep learning framework for Go, inspired by Burn (Rust). Build ML models in pure Go and deploy as single binaries - no Python runtime, no complex ...