Português
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#react2shell resultados da pesquisa

YungBinary's profile picture. Malware Research @eSentire
YungBinary
@YungBinary
6 h

TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…

YungBinary's tweet image. TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…
YungBinary's tweet image. TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…
0
2
10
0
659
atif2816's profile picture. Ethical Hacker, Bug Bounty hunter
Atif Alam 🇮🇳
 @atif2816
12 h

While looking for #React2Shell with @Rohan_Lew we identified a critical SSRF flaw that enabled extraction of AWS metadata — a serious cloud-security exposure. #bugbounty #Hacking #InfoSec #EthicalHacking #cybersecurity

atif2816's tweet image. While looking for #React2Shell with @Rohan_Lew we identified a critical SSRF flaw that enabled extraction of AWS metadata — a serious cloud-security exposure. #bugbounty #Hacking #InfoSec #EthicalHacking #cybersecurity
0
1
4
1
329
an0n_r0's profile picture. CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
an0n
 @an0n_r0
7 de dez. de

just tested this in-memory backdoor via #React2Shell, this is crazy. github.com/Malayke/Next.j… I don't have time to set up a honeypot right now, but I'm pretty sure it would catch these kind of requests within minutes. :)

an0n_r0's tweet image. just tested this in-memory backdoor via #React2Shell, this is crazy. github.com/Malayke/Next.j… I don't have time to set up a honeypot right now, but I'm pretty sure it would catch these kind of requests within minutes. :)
0
23
136
79
17K
imraax's profile picture. Automotive/IoT Security Researcher
raax
 @imraax
4 de dez. de

nobody care about it? #React2Shell

imraax's tweet image. nobody care about it? #React2Shell
0
1
2
0
2K
pdnuclei's profile picture. Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.
Nuclei by ProjectDiscovery
@pdnuclei
6 de dez. de

Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell

pdnuclei's tweet image. Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell
2
77
405
290
22K
phithon_xg's profile picture. @ShopeeSG security team now, Chaitin Tech previously. Opinions are my own.
Phith0n
 @phithon_xg
5 de dez. de

try this WAF bypass trick for rsc&&next.js CVE-2025-55182 All fields can use utf16le charset #React2Shell

phithon_xg's tweet image. try this WAF bypass trick for rsc&&next.js CVE-2025-55182 All fields can use utf16le charset #React2Shell
4
70
474
305
39K
StrobesHQ's profile picture. AI-Driven CTEM Platform to Minimize Threat Exposure!
Strobes Security, Inc.
 @StrobesHQ
9 h

React2Shell is not fixed for many teams. RSC and the Next.js App Router need another look. One Flight frame can still reach your server runtime. Full write up: strobes.co/blog/react2she… #React2Shell #CVE2025 #NextJS #RSC #AppSec #VulnerabilityManagement

StrobesHQ's tweet image. React2Shell is not fixed for many teams. RSC and the Next.js App Router need another look. One Flight frame can still reach your server runtime. Full write up: strobes.co/blog/react2she… #React2Shell #CVE2025 #NextJS #RSC #AppSec #VulnerabilityManagement
0
1
1
0
131
arshadkazmi42's profile picture. Building - https://t.co/y9nGPrujbt • https://t.co/Nz4OeuRYu5 • https://t.co/I4vk04GP2P • https://t.co/zIeDx3I187 • https://t.co/X79wKLPOQn • https://t.co/9DMnOUMM2j Bug bounty - https://t.co/cfGDVsjRYF • https://t.co/4ewaqt7N23
Arshad Kazmi
@arshadkazmi42
12 h

My #llmHunter in action, trying to bypass Vercel's WAF for #React2Shell 🤞🤞🤞

disclosedh1's profile picture. This is an unofficial HackerOne public disclosure watcher who keeps you up to date about the recently disclosed bugs. By @NOBBD
publiclyDisclosed
 @disclosedh1
6 de dez. de

Vercel Platform Protection started using @Hacker0x01 today: hackerone.com/vercel_platfor… , pays: 100$ min. #hackerone #bugbounty

0
1
33
13
7K
0
1
7
3
978
D0n9D0n9's profile picture. 🧑‍💻 Security Engineer 🛸 Bug Hunter 😎 SoloDev , 👀 Web3 / AI, Maybe? 🚩 CTFer . 📍 in CN ( and, As you can see, Emoji fan 😄
D0n9
 @D0n9D0n9
17 h

The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182

D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
2
1
3
2
912
arshiyaiha's profile picture. Bug Bounty is a game of patience and persistence, and every triage is a victory.
Arshiya
 @arshiyaiha
6 de dez. de

Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty

arshiyaiha's tweet image. Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty
6
36
236
216
19K
theCTO's profile picture. creator of email
adam
@theCTO
6 de dez. de

the person who discovered the #react2shell vulnerability should get paid $1m

19
43
1K
114
118K
MalGamy12's profile picture. Threat Researcher @nextronsystems
Gameel Ali 🤘
 @MalGamy12
5 h

[1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49

MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
MalGamy12's tweet image. [1] CVE-2025-66478 exploited in the wild. Following up on Tyler Hudak post on #React2Shell, I found a log file from a compromised Next.js app. Cryptominer runs 3-stage attack: kill competitors, deploy miner, persist with watchdog. lnkd.in/dftjCX49
3
2
9
1
675
albinowax's profile picture. Director of Research at @PortSwigger aka @Burp_Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
James Kettle
@albinowax
4 de dez. de

You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!

albinowax's tweet image. You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!
7
104
636
320
38K
mark_443_'s profile picture. Security researchers || Bug Hunter || https://t.co/nuKXlAxTT7 ||
mark🇮🇳
 @mark_443_
7 de dez. de

On vdp program I hope no one has reported this before.😄 #React2Shell #BugBounty #bugbountytips #bug

mark_443_'s tweet image. On vdp program I hope no one has reported this before.😄 #React2Shell #BugBounty #bugbountytips #bug
0
0
4
0
1K
Nenhum resultado para "#react2shell"
Nenhum resultado para "#react2shell"
Nenhum resultado para "#react2shell"

Something went wrong.


Something went wrong.


United States Trends