cybernews

React, Next.js disclose follow-up vulnerabilities, again urge users to patch immediately

Web server admins must scramble to update their backend servers again after React and Next.js disclosed two additional follow-up vulnerabilities related to last week’s discovery of a critical bug.
Filmfare

Netizens React As Lawyer Files Complaint Against Aryan Khan

A complaint has been filed against Aryan Khan for flashing his middle finger during a private event. Aryan Khan has once again landed in trouble after a complaint was filed against him for flashing ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
cybernews

“Worst case scenario” vulnerability found in React, Next.js

A critical security flaw has been discovered in React, one of the most widely used JavaScript libraries for building websites. The bug enables external attackers to run privileged, arbitrary code on ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
The Record

Malware found in npm package with millions of weekly downloads

A massively popular JavaScript library (npm package) was hacked today and modified with malicious code that downloaded and installed a password stealer and cryptocurrency miner on systems where the ...
Bleeping Computer

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential ...