SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...
SD Times

React Native comes to UWP, Visual Studio Code 1.0 released

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote ...
CSOonline

Flaw in React Native CLI opens dev servers to attacks

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0. A critical remote-code execution (RCE) flaw ...
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Critical RSC flaws in React and Next.js enable unauthenticated remote code execution; users should update to patched versions ...

Glassworm returns once again with a third round of VS code attacks

The Visual Studio Marketplace and the Open VSX Registry users are targeted once again with infostealing malware.