Security News React2Shell critical flaw actively exploited in China-linked attacks BleepingComputer Daniel Bender 05 Dec 2025 Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed.
