React2Shell Attacks Explode Past 50 Victims as Security Agencies Rush Response

React2Shell vulnerability sparks global cyberattacks, affecting 50+ organizations. CISA rushes patch deadline amid rising threats.

By Content Team

Dec 14, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A critical vulnerability in React Server Components called React2Shell has triggered a massive wave of cyberattacks, with over 50 organizations confirmed compromised across the US, Asia, South America, and the Middle East. The Cybersecurity and Infrastructure Security Agency moved up the patching deadline to Friday due to escalating threats.

Attackers from nation-states to cybercriminals are exploiting this "one click, game over" flaw that affects popular frameworks like Next.js. Shadowserver found over 165,000 vulnerable IP addresses, with nearly two-thirds in the US. Half remain unpatched despite active exploitation since Tuesday.

Experts compare React2Shell to the devastating Log4Shell vulnerability, warning it's easier to weaponize and harder to detect once compromised.

Source: CyberScoop

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Actively Exploiting Critical WatchGuard Firewall Zero-Day

Dec 23, 2025

TeamPCP Hackers Launch Massive Supply Chain Attack Across Open Source Ecosystem

Mar 25, 2026

Hackers Actively Probing Citrix NetScaler Systems Before Major Attack Wave

Mar 30, 2026

New Android Malware Infects 13,000 Devices Through Supply Chain Attack

Feb 18, 2026