React2Shell RCE flaw exploited by Chinese hackers hours after disclosure


Just as the experts predicted, cybercriminals are now actively exploiting the critical severity vulnerability in React Server Components (RSC) that was discovered late last week. To make matters worse, the crooks observed abusing the bug seem to be working for the Chinese government.

Late last week, the React team published a security advisory detailing a pre-authentication bug in multiple versions of multiple packs, affecting RCS. The versions that are affected include 19.0, 19.1.0, 19.1.1, and 19.2.0, react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. ).

Read more…
Source: TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

    March 20, 2017

    Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...