한국어
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#react2shell 검색 결과

"#react2shell"에 대한 결과가 없습니다
"#react2shell"에 대한 결과가 없습니다
"#react2shell"에 대한 결과가 없습니다
albinowax's profile picture. Director of Research at @PortSwigger aka @Burp_Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
James Kettle
@albinowax
. 12. 4.

You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!

albinowax's tweet image. You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!
7
107
645
324
40천
p3bt3b's profile picture. Just hanging around
p3bt3b
 @p3bt3b
8 시간

Interesting observation in a #React2Shell (CVE-2025-55182) exploitation: payload removes competing miners & their persistence 😂while Establishes its own via cron, systemd & SSH key. Exfiltrates AWS/GCP creds & included a comment "npx fix-react2shell-next".

p3bt3b's tweet image. Interesting observation in a #React2Shell (CVE-2025-55182) exploitation: payload removes competing miners & their persistence 😂while Establishes its own via cron, systemd & SSH key. Exfiltrates AWS/GCP creds & included a comment "npx fix-react2shell-next".
p3bt3b's tweet image. Interesting observation in a #React2Shell (CVE-2025-55182) exploitation: payload removes competing miners & their persistence 😂while Establishes its own via cron, systemd & SSH key. Exfiltrates AWS/GCP creds & included a comment "npx fix-react2shell-next".
p3bt3b's tweet image. Interesting observation in a #React2Shell (CVE-2025-55182) exploitation: payload removes competing miners & their persistence 😂while Establishes its own via cron, systemd & SSH key. Exfiltrates AWS/GCP creds & included a comment "npx fix-react2shell-next".
p3bt3b's tweet image. Interesting observation in a #React2Shell (CVE-2025-55182) exploitation: payload removes competing miners & their persistence 😂while Establishes its own via cron, systemd & SSH key. Exfiltrates AWS/GCP creds & included a comment "npx fix-react2shell-next".
0
1
5
1
158
Jutsu0xdfir_mal's profile picture. #ThreatHunting / #BlueTeam engineer. I'm just looking for traces in the logs. Reading and retweeting cool stuff.
0xdfir-jutsu-mal
 @Jutsu0xdfir_mal
. 12. 9.

🚨 WARNING: Fake CVE-2025-55182 (React2Shell) scanner contains MALWARE github.com/niha0wa/React2… Hidden payload in code: → mshta.exe https://py-installer[.]cc Targets security researchers hunting this vuln. Always read source before running any "security tool"! #React2Shell

Jutsu0xdfir_mal's tweet image. 🚨 WARNING: Fake CVE-2025-55182 (React2Shell) scanner contains MALWARE github.com/niha0wa/React2… Hidden payload in code: → mshta.exe https://py-installer[.]cc Targets security researchers hunting this vuln. Always read source before running any "security tool"! #React2Shell
23
95
452
136
59천
pdnuclei's profile picture. Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.
Nuclei by ProjectDiscovery
@pdnuclei
. 12. 6.

Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell

pdnuclei's tweet image. Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell
2
76
414
303
26천
zoomeye_team's profile picture. A cyberspace search engine built for security researcher Daily Tricks || Latest Vulnerability Updates Email: support@zoomeye.ai https://t.co/AUq5jNpKkl
ZoomEye
@zoomeye_team
. 12. 8.

🚨 #React2Shell Using ZoomEye, we've identified 672k+ exposed assets potentially affected. 🔍 ZoomEye Dork: http.header="Vary: RSC, Next-Router-State-Tree" 🔗 ZoomEye Link: zoomeye.ai/searchResult?q…

zoomeye_team's tweet image. 🚨 #React2Shell Using ZoomEye, we've identified 672k+ exposed assets potentially affected. 🔍 ZoomEye Dork: http.header="Vary: RSC, Next-Router-State-Tree" 🔗 ZoomEye Link: zoomeye.ai/searchResult?q…
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
. 12. 6.

🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"

1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
0
82
426
323
64천
3
51
248
233
35천
broken_link420's profile picture. Internet of Shitz👨‍💻 welcome 2 Cyberia punk🫵 -tequila_ninja🥷 Bug bounty🪲 0xBEEFBABE🍖🥩 DEFCON 34🏴‍☠️💯 🇺🇸USA▪️Croatia🇭🇷 Cali ❤️‍🔥 no bs zone
$~ Hey :D ~$
@broken_link420
. 12. 4.

It's out! Confirmed working RCE POC🥳🥳🤯 #React2Shell gist.github.com/maple3142/48bc…

broken_link420's tweet image. It's out! Confirmed working RCE POC🥳🥳🤯 #React2Shell gist.github.com/maple3142/48bc…
h4x0r_dz's profile picture. Uber Driver
H4x0r.DZ 🇰🇵
@h4x0r_dz
. 12. 4.

CVE-2025-55182 poc is out gist.github.com/maple3142/48bc…

h4x0r_dz's tweet image. CVE-2025-55182 poc is out gist.github.com/maple3142/48bc…
4
34
291
157
54천
0
32
271
153
32천
D0n9D0n9's profile picture. 🧑‍💻 Security Engineer 🛸 Bug Hunter 😎 SoloDev , 👀 Web3 / AI, Maybe? 🚩 CTFer . 📍 in CN ( and, As you can see, Emoji fan 😄
D0n9
 @D0n9D0n9
. 12. 8.

The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182

D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
4
1
8
5
3천
DevAwasthii's profile picture. Open to Work • Full-Stack Developer • ML & AI • 🧑‍💻 GitHub: https://t.co/RREPYLYUDf. Software developer/Programmer/Software engineer
Abhishek
 @DevAwasthii
21 시간

Today I learned the hard way that ignoring React / Next.js vulnerabilities is not an option. My VPS got auto-stopped by the hosting provider due to this fucking vulnerability after a sudden CPU spike. #BuildInPublic #React2Shell #nextjs

DevAwasthii's tweet image. Today I learned the hard way that ignoring React / Next.js vulnerabilities is not an option. My VPS got auto-stopped by the hosting provider due to this fucking vulnerability after a sudden CPU spike. #BuildInPublic #React2Shell #nextjs
DevAwasthii's tweet image. Today I learned the hard way that ignoring React / Next.js vulnerabilities is not an option. My VPS got auto-stopped by the hosting provider due to this fucking vulnerability after a sudden CPU spike. #BuildInPublic #React2Shell #nextjs
2
0
1
0
55
pyn3rd's profile picture. Security Researcher. Over 10 years in cloud WAF engineering. Focused on cloud security. Speaker at Black Hat and CanSecWest.
pyn3rd
@pyn3rd
. 12. 9.

#CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…

pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
16
124
559
356
66천
NTTSH_JP's profile picture. NTTセキュリティ・ジャパン株式会社 公式アカウント。
NTTセキュリティ
 @NTTSH_JP
. 12. 12.

ブログにて「React2Shellによって実行されるマルウェアZnDoorについて」を公開しました。 React2Shellによる攻撃はSOCにおいて非常に多く観測しており、国内の企業においてもインシデント発生を複数観測しています。 jp.security.ntt/insights_resou… #React2Shell #ZnDoor

NTTSH_JP's tweet image. ブログにて「React2Shellによって実行されるマルウェアZnDoorについて」を公開しました。 React2Shellによる攻撃はSOCにおいて非常に多く観測しており、国内の企業においてもインシデント発生を複数観測しています。 jp.security.ntt/insights_resou… #React2Shell #ZnDoor
0
33
83
38
9천
imraax's profile picture. Automotive/IoT Security Researcher
raax
 @imraax
. 12. 4.

nobody care about it? #React2Shell

imraax's tweet image. nobody care about it? #React2Shell
0
1
2
0
2천
MalGamy12's profile picture. Threat Researcher @nextronsystems
Gameel Ali 🤘
 @MalGamy12
. 12. 8.

[1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49

MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
4
7
59
33
6천
mark_443_'s profile picture. Security researchers || Bug Hunter || https://t.co/nuKXlAxTT7 ||
mark🇮🇳
 @mark_443_
. 12. 7.

On vdp program I hope no one has reported this before.😄 #React2Shell #BugBounty #bugbountytips #bug

mark_443_'s tweet image. On vdp program I hope no one has reported this before.😄 #React2Shell #BugBounty #bugbountytips #bug
1
0
5
0
2천
ghostybughunter's profile picture. Bug Bounty 🐞 “el riesgo viene de no saber lo que estás haciendo…”
Ghosty
 @ghostybughunter
. 12. 10.

another one 👌🏼 thank you @coffinxp7 for the youtube tutorial 🙏🏾 #React2Shell

ghostybughunter's tweet image. another one 👌🏼 thank you @coffinxp7 for the youtube tutorial 🙏🏾 #React2Shell
2
0
57
16
4천
CompunetChile's profile picture. Nuestro misión es proveer soluciones a las necesidades y requerimientos, de seguridad de la información y ciberseguridad, a nuestros socios de negocio.
Compunet
 @CompunetChile
9 시간

🚨 ALERTA CIBERSEGURIDAD Nuestro SOC detectó explotación activa de React2Shell (CVE-2025-55182 | CVSS 10.0) para distribuir malware avanzado como KSwapDoor y ZnDoor, afectando +100.000 servidores a nivel global. Prepárate hoy. #CompuNet #React2Shell #CyberSecurity #SOC #BlueTeam

CompunetChile's tweet image. 🚨 ALERTA CIBERSEGURIDAD Nuestro SOC detectó explotación activa de React2Shell (CVE-2025-55182 | CVSS 10.0) para distribuir malware avanzado como KSwapDoor y ZnDoor, afectando +100.000 servidores a nivel global. Prepárate hoy. #CompuNet #React2Shell #CyberSecurity #SOC #BlueTeam
CompunetChile's tweet image. 🚨 ALERTA CIBERSEGURIDAD Nuestro SOC detectó explotación activa de React2Shell (CVE-2025-55182 | CVSS 10.0) para distribuir malware avanzado como KSwapDoor y ZnDoor, afectando +100.000 servidores a nivel global. Prepárate hoy. #CompuNet #React2Shell #CyberSecurity #SOC #BlueTeam
CompunetChile's tweet image. 🚨 ALERTA CIBERSEGURIDAD Nuestro SOC detectó explotación activa de React2Shell (CVE-2025-55182 | CVSS 10.0) para distribuir malware avanzado como KSwapDoor y ZnDoor, afectando +100.000 servidores a nivel global. Prepárate hoy. #CompuNet #React2Shell #CyberSecurity #SOC #BlueTeam
CompunetChile's tweet image. 🚨 ALERTA CIBERSEGURIDAD Nuestro SOC detectó explotación activa de React2Shell (CVE-2025-55182 | CVSS 10.0) para distribuir malware avanzado como KSwapDoor y ZnDoor, afectando +100.000 servidores a nivel global. Prepárate hoy. #CompuNet #React2Shell #CyberSecurity #SOC #BlueTeam
0
0
0
0
54
YungBinary's profile picture. Malware Research @eSentire
YungBinary
@YungBinary
. 12. 8.

TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…

YungBinary's tweet image. TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…
YungBinary's tweet image. TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…
1
2
47
18
4천

Something went wrong.


Something went wrong.


United States Trends