press Dec 11, 2025 · Security Boulevard
Attackers Worldwide are Zeroing In on React2Shell Vulnerability
Security Boulevard reported on December 11, 2025, that attackers worldwide including nation-state groups and cybercriminals are exploiting the React2Shell vulnerability across multiple attack vectors. Casey Ellis contributed analysis on the severity and exploitation patterns of the flaw and the range of threat actors leveraging it.
Source description — as published
Bad actors that include nation-state groups to financially-motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threat researchers see everything from probes and backdoors to botnets and cryptominers.