Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
Visual Studio Magazine

Threat Actors Keep Weaponizing VS Code Extensions

Threat actors are still abusing Visual Studio Code extensions as an entry point, with the latest fake Prettier incident ...

Meet OpenCode, a Community-Built Agent That Trims Tokens & Costs

OpenCode adds LSP support, a metrics panel, and new session commands, so developers spot context fast and cut wasted tokens.
PCGamesN

Cookie Run Kingdom codes December 2025

December 5, 2025: We added two new Cookie Run Kingdom codes for Crystals. What are the new Cookie Run Kingdom codes? To create the kingdom of your dreams, you'll need as many crystals and resources as ...
GamesRadar+

Evade codes (December 2025) for free Points and Tokens

Evade codes can give you a little boost in this parkour horror game, where you need to keep moving in order to survive. Chasing you down are the nextbots, which are moving PNGs with their sights set ...