Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

React2Shell fallout spreads to sensitive targets as public exploits hit all-time high

(Pexels / Pixabay)

By Matt Kapko

Fallout from React2Shell — a stubborn vulnerability that impacts wide swaths of the internet’s scaffolding — continues to spread as public exploits and stealth backdoors proliferate and worrying details emerge about the targets attackers are pursuing. 

Threat researchers and incident responders are reacting to swift-moving developments on React2Shell with mounting concern. Cybercriminals, ransomware gangs and nation-state threat groups are all swarming to exploit the maximum-severity vulnerability.

Palo Alto Networks’ Unit 42 puts the latest victim count at more than 60 organizations, which have been impacted by attacks involving exploitation of CVE-2025-55182, which Meta and the React team publicly disclosed Dec. 3.

Read more at CyberScoop

Click to listen highlighted text!