Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
TMCnet

Algolia Doubles Down on Developer-First Innovation to Build the Future of Agentic AI Experiences

With the launch of DocSearch, Ask AI, SiteSearch, Agentic Components UI Kit, the Algolia MCP Server, and Agent Studio, Algolia is providing developers with the building blocks to create truly ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.

Critical vulnerability in React JS framework has a near 100% chance to be exploited

Researchers have uncovered a critical security flaw that could have catastrophic consequences for web and private cloud ...
InfoWorld

Apache Tika hit by critical vulnerability thought to be patched months ago

CVE-2025-54988 is a weakness in the tika-parser-pdf-module used to process PDFs in Apache Tika from version 1.13 to and ...
WinBuzzer

Google Releases Gemini 3 Powered Deep Research Agent to Developers via API

Google has released its Deep Research agent to developers via the Interactions API, undercutting OpenAI with low pricing and ...