
Archive: https://archive.today/JLg6L

From the post:

>At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking React2Shell, a maximum-severity flaw in the widely used React JavaScript library, according to Google. Unauthenticated attackers can abuse the flaw, tracked as CVE-2025-55182, to remotely execute code, and the Chocolate Factory's threat hunters said multiple groups are using this vulnerability to deploy backdoors, tunnelers, and cryptocurrency miners. React maintainers disclosed the critical bug on December 3, and exploitation began almost immediately. According to Amazon's threat intel team, Chinese government crews, including Earth Lamia and Jackpot Panda, started battering the security hole within hours of its disclosure. Palo Alto Networks' Unit 42 responders have put the victim count at more than 50 organizations across multiple sectors, with attackers from North Korea also abusing the flaw.

[–] 1 pt

The usual cockroaches swarm in.

This exploits a feature that lets you write JavaScript for the browser and ignore the separation between that and the back end. Once I heard that I knew they were doomed. This is why Meteor.js failed. It was quick and easy to get an app up and running and there was no semblance of security.

[–] 1 pt

"Developers" are brilliant. You are just a dumb jackass goy pointing out they have no fucking clue what they are doing most of the time.