The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.
GitHub

SPFx REST API returns 404 when adding Field Link to Content Type on M365 Developer Tenant

When using the SharePoint REST API from an SPFx web part to provision lists and content types, all operations succeed except for adding a field link to a content type. The standard, documented ...
GitHub

blair-mcc/SPFx-ListCardScroller

This custom SPFx Component turns any list into a simple card viewer in SharePoint without having to create and mess around with a gallery view on the list. It allows for minimal customisation in the ...