The Register on MSN

New React vulns leak secrets, invite DoS attacks

And the earlier React2Shell patch is vulnerable If you're running React Server Components, you just can't catch a break. In ...
heise online

Patch Now! Critical Malware Vulnerability Threatens React

Software developers working with React should immediately update the JavaScript programming library to the latest version for security reasons. If this is not done, attackers can exploit a ...
FinanceFeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers exploit a critical React JavaScript vulnerability, CVE-2025-55182, to deploy crypto wallet drainers on legitimate websites ...
Cryptopolitan on MSN

React vulnerability sparks surge in crypto wallet drainers

SEAL Security researchers warned that a critical React flaw fueled a surge in wallet-draining attacks on crypto websites.
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ecosystem. With low exploitation complexity and publicly available PoCs, ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...