InfoQ

More Than React: Why You Shouldn’t Use ReactJS for Complex Interactive Front-End Projects, Part I

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Hosted on MSN

React vulnerability sparks surge in crypto wallet drainers

Security Alliance (SEAL) have issued a warning that hackers are exploiting a serious React vulnerability to take over cryptocurrency websites. The SEAL stated that the vulnerability is fueling a surge ...
The Register on MSN

New React vulns leak secrets, invite DoS attacks

And the earlier React2Shell patch is vulnerable If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ecosystem. With low exploitation complexity and publicly available PoCs, ...
TechRadar

Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

React2Shell (CVE-2025-55182) critical flaw exploited by Chinese and North Korean groups North Korea deploys EtherRAT implant with Ethereum C2, Linux persistence, and Node.js runtime Researchers urge ...