Subj : React2Shell RCE flaw exploited by Chinese hackers hours after dis To : All From : TechnologyDaily Date : Mon Dec 08 2025 14:00:09 React2Shell RCE flaw exploited by Chinese hackers hours after disclosure Date: Mon, 08 Dec 2025 13:45:00 +0000 Description: Chinese hackers are taking advantage of the 10/10 bug reported late last week. FULL STORY ======================================================================Critical React2Shell flaw now exploited in the wild by China-linked groups AWS reports global targeting of finance, logistics, retail, IT, universities, and governments for persistence and espionage Attackers also abuse NUUO Camera bug; urgent patching is advised Just as the experts predicted, cybercriminals are now actively exploiting the critical severity vulnerability in React Server Components (RSC) that was discovered late last week. To make matters worse, the crooks observed abusing the bug seem to be working for the Chinese government. Late last week, the React team published a security advisory detailing a pre-authentication bug in multiple versions of multiple packs, affecting RCS. The versions that are affected include 19.0, 19.1.0, 19.1.1, and 19.2.0, react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. The bug, now dubbed 'React2Shell', is tracked as CVE-2025-55182, and is given a severity score of 10/10 (critical). Given that React is one of the most popular JavaScript libraries out there and powers much of todays internet, researchers warned that exploitation was imminent, urging everyone to apply the fix without delay and update their systems to versions 19.0.1, 19.1.2, and 19.2.1. Catch the price drop- Get 30% OFF for Enterprise and Business plans The Black Friday campaign offers 30% off for Enterprise and Business plans for a 1- or 2-year subscription. Its valid until December 10th, 2025. Customers must enter the promo code BLACKB2B-30 at checkout to redeem the offer. View Deal How to defend Now, Amazon Web Services (AWS) reports that two China-linked groups, Earth Lamia and Jackpot Panda, have been seen using the bug to target organizations in different verticals: "Our analysis of exploitation attempts in AWS MadPot honeypot infrastructure has identified exploitation activity from IP addresses and infrastructure historically linked to known China state-nexus threat actors," CJ Moses, CISO of Amazon Integrated Security, said in a report shared with The Hacker News earlier. Targets are located all over the world, from Latin America to the Middle East and Southeast Asia. Financial services firms, logistics, retail, IT companies, universities, and government organizations are all being attacked - with the goal of the attacks being establishing persistence and cyber-espionage. Besides React2Shell, these two groups are also leveraging additional bugs in their attacks, including one in the NUUO Camera (CVE-2025-1338). React powers almost two in five of all cloud environments. Facebook, Instagram, Netflix, Airbnb, Shopify, and other giants of todays web, all rely on React - as well as millions of other developers. Via The Hacker News Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. ====================================================================== Link to news story: https://www.techradar.com/pro/security/react2shell-rce-flaw-exploited-by-chine se-hackers-hours-after-disclosure --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .