CSO Online

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
How-To Geek on MSN

This new JavaScript engine only needs 10 kB RAM

MicroQuickJS is a new project from Fabrice Bellard, who has created many other open-source projects, including QEMU, FFmpeg, ...

React2Shell exploitation continues to escalate, posing 'significant risk'

In early December, the React team published a security advisory detailing a pre-authentication bug in multiple versions of ...
CSO Online

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate ...
FinanceFeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers exploit a critical React JavaScript vulnerability, CVE-2025-55182, to deploy crypto wallet drainers on legitimate websites ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

A remote code execution (RCE) vulnerability in the React JavaScript library, which earlier today caused disruption across the internet as Cloudflare pushed mitigations live on its network, is now ...
InfoWorld

10 JavaScript-based tools and frameworks for AI and machine learning

The tools and libraries in this article are all excellent options for unlocking the power of AI and machine learning without leaving the JavaScript sandbox. Some simplify connecting web servers and ...
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...