Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Critical RSC flaws in React and Next.js enable unauthenticated remote code execution; users should update to patched versions ...
Make Tech Easier

This Is What I Used to Automate My Linux Desktop, Without Touching the Terminal

I am using Actiona, a Linux GUI automation tool that automates mouse clicks, keyboard actions, and file tasks to automate my Linux desktop.
CSO Online

Warning: React2Shell vulnerability already being exploited by threat actors

It has been seen spreading cryptojacking malware and in attempts to steal cloud credentials from compromised machines.
CRN

React Server Vulnerability Is No Cause For Panic: Security Expert

A critical-severity vulnerability impacting the popular React open-source library deserves attention, but is far from the ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.
The Hacker News

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

This week’s ThreatsDay Bulletin covers USB malware, fake crypto scams, CastleRAT, new cyber laws, and falling ransomware ...