Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Cybernews

Inside AWS’s plan to use agentic AI to reset legacy IT

Across AWS Transform, Nova, Nova Forge, Bedrock AgentCore, Frontier Agents, AI Factories, and its partner ecosystem, AWS ...
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...
CSO Online

December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Attacker with local access could escalate privileges, Microsoft warns; analyst calls it ‘the most urgent concern’ this month.