SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
Business Insider

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

TORRANCE, Calif., Dec. 12, 2025 (GLOBE NEWSWIRE) -- In December 2025, the critical React Server Components (RSC) vulnerability known as React2Shell (CVE-2025-55182) was publicly disclosed, revealing a ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: Top ...
Hosted on MSN

React2Shell RCE flaw exploited by Chinese hackers hours after disclosure

Critical React2Shell flaw now exploited in the wild by China-linked groups AWS reports global targeting of finance, logistics, retail, IT, universities, and governments for persistence and espionage ...