December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers.

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

Web server admins must scramble to update their backend servers again after React and Next.js disclosed two additional follow-up vulnerabilities related to last week’s discovery of a critical bug.

Security researchers warn that hundreds of already compromised Next.js devices are hitting honeypots, while tens of thousands of servers remain vulnerable to the critical React vulnerability. Eduardo ...

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting urgent warnings across the tech industry. The bug — dubbed “React2Shell” — ...

A remote code execution (RCE) vulnerability in the React JavaScript library, which earlier today caused disruption across the internet as Cloudflare pushed mitigations live on its network, is now ...

Critical React flaw (CVE-2025-55182) enables pre-auth RCE in React Server Components Affects versions 19.0–19.2.0 and frameworks like Next, React Router, Vite; patches released in 19.0.1, 19.1.2, 19.2 ...

A critical vulnerability affecting the popular open source JavaScript library React is under attack — by none other by Chinese nation-state threat actors. CVE-2025-55182, which was disclosed Wednesday ...

Cloudflare has blamed a Friday outage on mitigations for the critical React vulnerability dubbed React2Shell. React2Shell, officially tracked as CVE-2025-55182, is an unauthenticated remote code ...