Tuesday , July 14 2026
React2Shell

30 orgs breach vi React2Shell flaw, 77k IP addresses vulnerable

More than 77,000 IP addresses online are at risk from the serious React2Shell remote code execution flaw (CVE-2025-55182). Researchers report that attackers have already breached over 30 organizations in various sectors.

React2Shell is a vulnerability that allows unauthorized remote code execution with just one HTTP request. It affects all frameworks using React Server Components, including Next.js, due to shared deserialization logic.

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

On December 4, security researcher Maple3142 released a proof-of-concept for remote command execution on unpatched servers. This prompted rapid scanning for the vulnerability, as both attackers and researchers utilized the public exploit with automation.

Over 77,000 vulnerable IP addresses:

The Shadowserver Foundation has found 77,664 IP addresses at risk due to the React2Shell flaw, including about 23,700 in the U.S.

Researchers found that IP addresses were exposed to vulnerabilities through a detection method by Searchlight Cyber/Assetnote, which involved sending an HTTP request to servers to exploit a flaw and checking the response to confirm device vulnerability.

GreyNoise detected 181 unique IP addresses trying to exploit the flaw in the last 24 hours, mainly from automated traffic. Most scans come from the Netherlands, China, the United States, Hong Kong, and a few other countries.

Palo Alto Networks reveals that over 30 organizations have been affected by the React2Shell flaw, allowing attackers to run commands, gather information, and try to steal AWS configuration and credential files.

These compromises include intrusions linked to known state-associated Chinese threat actors.

Companies globally have quickly installed the patch and applied fixes for the serious React flaw.

Yesterday, Cloudflare roll out emergency measures for the React flaw in its Web Application Firewall (WAF) because of its serious exploitation.

However, the update inadvertently caused an outage affecting numerous websites before the rules were corrected.

CISA included CVE-2025-55182 in the Known Exploited Vulnerabilities catalog, mandating federal agencies to patch it by December 26, 2025, per Binding Operational Directive 22-01.

Organizations using React Server Components or related frameworks should update immediately, rebuild and redeploy their applications, and check logs for PowerShell or shell command activity.

Check Also

FortiGate

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the …