The exploitation efforts by China-nexus groups and other bad actors against the critical and easily abused React2Shell flaw in the popular React and Next.js software accelerated over the weekend, with threats ranging from stolen credentials and initial access to downloaders, crypto-mining, and the NoodleRat backdoor being executed.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/12/exploitation-efforts-against-critical-react2shell-flaw-accelerate/
