VulnHub

Real-time Cybersecurity News

Back to all threats

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

Security Affairs
Actively Exploited
CVEVulnerabilityAmazon

Summary

AWS Security has reported that multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) within hours of its disclosure. Although this flaw does not affect AWS services, the rapid exploitation highlights the urgency for organizations to address this vulnerability to prevent potential breaches.

Original Article Summary

Multiple China-linked threat actors began exploiting the CVE-2025-55182, aka React2Shell flaw, within hours, AWS Security warns. Multiple China-linked threat actors began exploiting the CVE-2025-55182, also known as the React2Shell flaw, within hours, according to AWS Security. The researchers confirmed that this vulnerability doesn’t affect AWS services, however they opted to share threat intelligence data to […]

Impact

CVE-2025-55182 (React2Shell) - Affects systems utilizing the React2Shell framework; specific products and vendors not detailed.

In the Wild

Yes

Timeline

Disclosed on [date not specified]

Remediation

Organizations should implement security patches for React2Shell as soon as they are available. Regularly update and monitor systems for vulnerabilities, and apply best practices in security configurations to mitigate risks associated with this flaw.

Read Original Article

Related Coverage

New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites

Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

The JS#SMUGGLER campaign is a sophisticated web attack that employs obfuscated JavaScript and hidden HTA files to deploy the NetSupport RAT on Windows desktops. This malware allows attackers to gain full remote control over infected systems, posing a significant threat to user security and privacy.

Dec 8, 2025

Google Fortifies Chrome Agentic AI Against Indirect Prompt Injection Attacks

SecurityWeek

Google has enhanced Chrome's agentic browsing protections to defend against indirect prompt injection attacks. The new features include a user alignment critic, expanded origin-isolation capabilities, and user confirmations, aimed at improving user security and reducing the risk of exploitation.

Dec 8, 2025

ClayRat Android Spyware Expands Capabilities

Infosecurity Magazine

The article discusses a new version of ClayRat Android spyware that has enhanced surveillance and device-control capabilities, indicating an increase in the potential for unauthorized access to personal data. This development poses a significant risk to Android users, as the spyware may be used for malicious purposes such as spying and data theft.

Dec 8, 2025

Early Years practitioners: using cyber security to protect your settings

NCSC Feed

The article discusses the importance of cybersecurity for early years practitioners in protecting sensitive information about children and their settings from online threats and accidental damage. It emphasizes the need for proper security measures to safeguard against potential cybercriminal activities.

Dec 8, 2025

Data breaches: guidance for individuals and families

NCSC Feed

The article provides guidance for individuals and families on how to protect themselves from the impact of data breaches. It emphasizes the importance of proactive measures to safeguard personal information and mitigate risks associated with potential breaches.

Dec 8, 2025

Marquis Software Breach Affects Over 780,000 Nationwide

Infosecurity Magazine

A data breach at Marquis Software Solutions has compromised the personal information of over 780,000 individuals across the United States due to a firewall vulnerability. This incident highlights the critical need for robust cybersecurity measures to protect sensitive data from exploitation.

Dec 8, 2025