ภาษาไทย
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#react2shell ผลการค้นหา

phithon_xg's profile picture. @ShopeeSG security team now, Chaitin Tech previously. Opinions are my own.
Phith0n
 @phithon_xg
5 ธ.ค.

try this WAF bypass trick for rsc&&next.js CVE-2025-55182 All fields can use utf16le charset #React2Shell

phithon_xg's tweet image. try this WAF bypass trick for rsc&&next.js CVE-2025-55182 All fields can use utf16le charset #React2Shell
4
53
400
263
26พัน
an0n_r0's profile picture. CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
an0n
 @an0n_r0
6 ชั่วโมง

just tested this in-memory backdoor via #React2Shell, this is crazy. github.com/Malayke/Next.j… I don't have time to set up a honeypot right now, but I'm pretty sure it would catch these kind of requests within minutes. :)

an0n_r0's tweet image. just tested this in-memory backdoor via #React2Shell, this is crazy. github.com/Malayke/Next.j… I don't have time to set up a honeypot right now, but I'm pretty sure it would catch these kind of requests within minutes. :)
0
0
4
6
461
censysio's profile picture. Censys is the source for real-time Internet intelligence and actionable threat insights for governments, F500 companies, and leading threat intel providers
Censys
@censysio
5 ธ.ค.

🚨 Censys on #React2Shell (CVE-2025-55182): We observe ~2.15M exposed web services running Next.js or other RSC-based frameworks—mostly in the U.S. and China. Not all are vulnerable, but active exploitation is underway. Patch now. 👉 Full advisory: hubs.ly/Q03X5QFV0

censysio's tweet image. 🚨 Censys on #React2Shell (CVE-2025-55182): We observe ~2.15M exposed web services running Next.js or other RSC-based frameworks—mostly in the U.S. and China. Not all are vulnerable, but active exploitation is underway. Patch now. 👉 Full advisory: hubs.ly/Q03X5QFV0
2
55
172
78
30พัน
theCTO's profile picture. creator of email
adam
@theCTO
9 ชั่วโมง

the person who discovered the #react2shell vulnerability should get paid $1m

5
0
103
5
6พัน
imraax's profile picture. Automotive/IoT Security Researcher
raax
 @imraax
4 ธ.ค.

nobody care about it? #React2Shell

imraax's tweet image. nobody care about it? #React2Shell
0
0
1
0
2พัน
albinowax's profile picture. Director of Research at @PortSwigger aka @Burp_Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
James Kettle
@albinowax
4 ธ.ค.

You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!

albinowax's tweet image. You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!
7
101
628
317
36พัน
arshiyaiha's profile picture. Bug Bounty is a game of patience and persistence, and every triage is a victory.
Arshiya
 @arshiyaiha
9 ชั่วโมง

Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty

arshiyaiha's tweet image. Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty
1
2
6
6
683
jctommasi's profile picture. 🥷Security Researcher at https://t.co/AF6AUdIqk6 // 👨🏻‍💻Back-End & API Developer // ✈️ Student Pilot
Juan Cruz Tommasi
 @jctommasi
4 ธ.ค.

Built a vulnerable React/Next.js lab for testing the #React2Shell bugs (CVE-2025-55182 & CVE-2025-66478). Everything ships in Docker containers.. use it 4fun github.com/jctommasi/reac…

jctommasi's tweet image. Built a vulnerable React/Next.js lab for testing the #React2Shell bugs (CVE-2025-55182 & CVE-2025-66478). Everything ships in Docker containers.. use it 4fun github.com/jctommasi/reac…
0
3
12
7
2พัน
pdnuclei's profile picture. Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.
Nuclei by ProjectDiscovery
@pdnuclei
19 ชั่วโมง

Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell

pdnuclei's tweet image. Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell
1
11
31
35
3พัน
broken_link420's profile picture. Internet of Shitz👨‍💻 welcome 2 Cyberia punk🫵 -tequila_ninja🥷 Bug bounty🪲 0xBEEFBABE🍖🥩 DEFCON 34🏴‍☠️💯 🇺🇸USA▪️Croatia🇭🇷 Cali ❤️‍🔥 no bs zone
$~ Hey :D ~$
@broken_link420
4 ธ.ค.

It's out! Confirmed working RCE POC🥳🥳🤯 #React2Shell gist.github.com/maple3142/48bc…

broken_link420's tweet image. It's out! Confirmed working RCE POC🥳🥳🤯 #React2Shell gist.github.com/maple3142/48bc…
h4x0r_dz's profile picture. Uber Driver
H4x0r.DZ 🇰🇵
@h4x0r_dz
4 ธ.ค.

CVE-2025-55182 poc is out gist.github.com/maple3142/48bc…

h4x0r_dz's tweet image. CVE-2025-55182 poc is out gist.github.com/maple3142/48bc…
3
33
286
153
50พัน
0
29
265
155
29พัน
sneakymonk3y's profile picture. uber geek blue team cyber commando bad guy annihilator @CrowdStrike OSCP GREM GC|FA/FE/IH
Mark
@sneakymonk3y
5 ธ.ค.

from greynoise.io/blog/cve-2025-… child processes spawning.... 2nd wave... ecrime boyz with their coinminers and stagers #react2shell

sneakymonk3y's tweet image. from greynoise.io/blog/cve-2025-… child processes spawning.... 2nd wave... ecrime boyz with their coinminers and stagers #react2shell
0
0
2
0
601
dimitribest's profile picture. #CTI #Trainer #Speaker Former Senior Director CTI at BlackBerry, Former GReAT team Director in LatAm
Dmitry Bestuzhev
@dimitribest
7 ชั่วโมง

#React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )

dimitribest's tweet image. #React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )
dimitribest's tweet image. #React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )
dimitribest's tweet image. #React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
9 ชั่วโมง

🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"

1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
0
24
161
93
7พัน
0
0
1
0
339
Tblazeen's profile picture. What stands in the way becomes the way. #CyberMaiguard 🤺 #DigitalPlumber 👨🏽‍🔧
Tosin 👑
 @Tblazeen
5 ธ.ค.

#React2Shell

0
0
1
0
167
tnirmalz's profile picture. Wannabe sth.. Never failed to fail. OSCP, CRTP, CRTE Tweets are not mine; they belong to my cat ¯\_(ツ)_/¯
mpz
 @tnirmalz
5 ธ.ค.

May the Bounty Gods be with you 😊 CVE-2025-55182 😊 #React2Shell #BugBounty

tnirmalz's tweet image. May the Bounty Gods be with you 😊 CVE-2025-55182 😊 #React2Shell #BugBounty
0
1
7
2
1พัน
0xlumao666's profile picture. #polymarket|玄学🔮|占卜🎲|周易☯️|实盘 易经预测 #BTC 日内涨跌 初始资金100u
Echo
 @0xlumao666
6 ธ.ค.

Next.js #React2Shell 漏洞这个漏洞真6,我的服务器被直接攻破 并下载了挖矿病毒软件。 本来想还自己摸索看看测试一下呢。这下好了。

0xlumao666's tweet image. Next.js #React2Shell 漏洞这个漏洞真6,我的服务器被直接攻破 并下载了挖矿病毒软件。 本来想还自己摸索看看测试一下呢。这下好了。
0
0
0
0
154
0w4ys's profile picture.
z3r0 🇵🇸
 @0w4ys
4 ธ.ค.

#React2Shell CVE-2025-55182 Passive checker github.com/oways/React2sh… Stay Secure!

0w4ys's tweet image. #React2Shell CVE-2025-55182 Passive checker github.com/oways/React2sh… Stay Secure!
0
1
10
8
3พัน
twelvesec's profile picture. Information security , knowledge sharing, community supporter.
twelvesec
 @twelvesec
1 ชั่วโมง

Multiple China-linked #hackers began exploiting the #React2Shell #vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed. #CyberSecurity #InfoSec ift.tt/LCoEzin

twelvesec's tweet image. Multiple China-linked #hackers began exploiting the #React2Shell #vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed. #CyberSecurity #InfoSec ift.tt/LCoEzin
0
0
0
0
65
Shant_tiw's profile picture. always building something
Shantanu Tiwari
 @Shant_tiw
2 ชั่วโมง

The recent #React2Shell vulnerability is a reminder that even mature ecosystems can expose serious risks when server-side rendering is involved. If you're using React Server Components or frameworks like Next.js, update immediately and review your server boundaries.

1
0
0
0
28
KrasimirTsonev's profile picture. Senior engineer. Book author. Speaker. Serial SaaS builder.
Krasimir
 @KrasimirTsonev
2 ชั่วโมง

You've probably heard about the #React2Shell vulnerability. That's a security problem in the React's flight protocol. That's the protocol responsible for making React server components work. Here's a nice article by @rauchg about how it actually works - linkedin.com/pulse/react2sh…

KrasimirTsonev's tweet card. This strange data structure is responsible for many sleepless nights this week across the industry. This is the now infamous React2Shell payload as discovered by Lachlan Davidson, now widely circul...
React2Shell
แหล่งที่มา: linkedin.com
0
0
0
0
51
nxtgen579255's profile picture. 🚀 Daily Tech & Business Updates 🔍 Breaking AI, Startup, & Industry Trends 📊 Insights on Innovation & Growth 📩 Stay Ahead. Stay Informed. #Tech #AI #business
Techgines
 @nxtgen579255
3 ชั่วโมง

🚨 CRITICAL: React2Shell (CVE-2025-55182) - CVSS 10.0 Pre-auth RCE affecting React 19.x & Next.js 15.x/16.x ⚠️ Active exploitation detected ⚠️ CISA KEV listed ⚠️ Default configs vulnerable techgines.com/post/is-your-r… #React2Shell #CyberSecurity

nxtgen579255's tweet image. 🚨 CRITICAL: React2Shell (CVE-2025-55182) - CVSS 10.0 Pre-auth RCE affecting React 19.x & Next.js 15.x/16.x ⚠️ Active exploitation detected ⚠️ CISA KEV listed ⚠️ Default configs vulnerable techgines.com/post/is-your-r… #React2Shell #CyberSecurity
0
0
0
0
110
Exec_Puredream's profile picture. 나사가 풀리다 못해 나사만 남은 공허한 인간
Exec_puredream
 @Exec_Puredream
3 ชั่วโมง

cve.org/CVERecord?id=C… 옛처럼 프론트단에서 ui 처리하고 서버단에서 처리하고 하는 시대는 지났어요. 요즘에 와서는 프론트가 사실상 미니 런타임 서버처럼 굴러가는게 기본값인데 예쁜 화면만 알면 안되는 시대에 들어온거 같아요. 프론트 분들 화이팅입니다.... #React2Shell

0
0
0
0
69
transilienceai's profile picture. Generative AI for Defenders. Follow for latest threat information (AI curated, not vetted). https://t.co/3q2mTl1iZC
transilienceai
@transilienceai
4 ชั่วโมง

🚨 CVE-2025-55182, also known as React2Shell, is a critical unauthenticated remote code execution (RCE) vulnerability affecting React Server Components versions 19.0.0 through 19.2.0 and some Next.js versions. #CVE2025 #React2Shell

1
0
0
0
236
ngnicky's profile picture. pentesting, security research, bug hunter, IT Edu 보안프로젝트 대표, IT보안 교육, 보안 리서치 전문 / 글쓰기 좋아함. 주식 투자에 진심, 책 출간 20여권 $TSLA $PLTR $NVDA $LRCX
보안프로젝트
@ngnicky
6 ชั่วโมง

최악의 해킹 위협이라 할 수 있었던 #log4j RCE 취약점도 12월 6일~9일 사이... 이번 #React2Shell 해킹도 비슷한 시점... 크리스마스까지 모두 대응을 할 수 있을지...

1
0
7
0
356
ngnicky's profile picture. pentesting, security research, bug hunter, IT Edu 보안프로젝트 대표, IT보안 교육, 보안 리서치 전문 / 글쓰기 좋아함. 주식 투자에 진심, 책 출간 20여권 $TSLA $PLTR $NVDA $LRCX
보안프로젝트
@ngnicky
6 ชั่วโมง

React2Shell 해킹 위협 쇼단 검색 서비스 기준으로 한국 서비스 1만 2천개정도 노출 상태. AWS 클라우드 위에 동작하는게 50%정도네요. 회사 IP가 포함되어 있다면 관심 가지시길.. 주말 끝나면 헬게이트 열릴수 있으니.. #shodan #React2Shell shodan.io/search?query=V…

ngnicky's tweet image. React2Shell 해킹 위협 쇼단 검색 서비스 기준으로 한국 서비스 1만 2천개정도 노출 상태. AWS 클라우드 위에 동작하는게 50%정도네요. 회사 IP가 포함되어 있다면 관심 가지시길.. 주말 끝나면 헬게이트 열릴수 있으니.. #shodan #React2Shell shodan.io/search?query=V…
ngnicky's tweet image. React2Shell 해킹 위협 쇼단 검색 서비스 기준으로 한국 서비스 1만 2천개정도 노출 상태. AWS 클라우드 위에 동작하는게 50%정도네요. 회사 IP가 포함되어 있다면 관심 가지시길.. 주말 끝나면 헬게이트 열릴수 있으니.. #shodan #React2Shell shodan.io/search?query=V…
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
9 ชั่วโมง

🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"

1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
0
24
161
93
7พัน
0
1
6
1
441
an0n_r0's profile picture. CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
an0n
 @an0n_r0
6 ชั่วโมง

just tested this in-memory backdoor via #React2Shell, this is crazy. github.com/Malayke/Next.j… I don't have time to set up a honeypot right now, but I'm pretty sure it would catch these kind of requests within minutes. :)

an0n_r0's tweet image. just tested this in-memory backdoor via #React2Shell, this is crazy. github.com/Malayke/Next.j… I don't have time to set up a honeypot right now, but I'm pretty sure it would catch these kind of requests within minutes. :)
0
0
4
6
461
jpkgx's profile picture.
io
 @jpkgx
6 ชั่วโมง

this will be the most devastating month for nextJS #React2Shell

0
0
0
0
54
dimitribest's profile picture. #CTI #Trainer #Speaker Former Senior Director CTI at BlackBerry, Former GReAT team Director in LatAm
Dmitry Bestuzhev
@dimitribest
7 ชั่วโมง

#React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )

dimitribest's tweet image. #React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )
dimitribest's tweet image. #React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )
dimitribest's tweet image. #React2Shell via FOFA. Chile: 4,503 results ( 1,649 unique IP )
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
9 ชั่วโมง

🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"

1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
0
24
161
93
7พัน
0
0
1
0
339
01ra66it's profile picture. Cybersecurity hobbyist. “Probably the first Black Hat Arsenal speaker from Japan’s Ministry of Defense.” CISSP/SSCP/CSAP.
Mr.Rabbit
 @01ra66it
8 ชั่วโมง

CVE-2025-55182 (React2Shell)、認証不要のRCEでCISAのKEV登録。React/Next.js利用環境で即実戦悪用、クラウドの約40%が影響との分析。パッチ適用とWAF導入が急務。#React2Shell #CVE202555182 #WebSecurity thehackernews.com/2025/12/critic…

01ra66it's tweet card. CISA flags the React2Shell remote code flaw after real-world attacks hit millions of exposed services.
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
แหล่งที่มา: thehackernews.com
0
0
1
0
439
01ra66it's profile picture. Cybersecurity hobbyist. “Probably the first Black Hat Arsenal speaker from Japan’s Ministry of Defense.” CISSP/SSCP/CSAP.
Mr.Rabbit
 @01ra66it
8 ชั่วโมง

React2Shell (CVE-2025-55182) の脆弱性で、77,000超の公開IPが影響。既に30超の組織が侵害され、PowerShell → Cobalt Strike によるバックドア設置が確認。React/Next.js 利用者は即時アップデートとWAF適用を。#React2Shell #RCE #WebSecurity bleepingcomputer.com/news/security/…

01ra66it's tweet card. Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already comprom...
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
แหล่งที่มา: bleepingcomputer.com
0
0
0
0
472
theCTO's profile picture. creator of email
adam
@theCTO
9 ชั่วโมง

the person who discovered the #react2shell vulnerability should get paid $1m

5
0
103
5
6พัน
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
9 ชั่วโมง

Over 77,000 IPs vulnerable to React2Shell (CVE-2025-55182), with 30+ orgs breached. Chinese threat actors use PowerShell and malware like Snowlight and Vshell for remote code execution. #React2Shell #China #MalwareAttack ift.tt/gBlKqDH

TweetThreatNews's tweet card. Over 77,000 IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with attackers already compromising over 30 organizations. Widespread exploitation...
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
แหล่งที่มา: hendryadrian.com
0
0
0
0
174
arshiyaiha's profile picture. Bug Bounty is a game of patience and persistence, and every triage is a victory.
Arshiya
 @arshiyaiha
9 ชั่วโมง

Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty

arshiyaiha's tweet image. Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty
1
2
6
6
683
ไม่พบผลลัพธ์สำหรับ "#react2shell"
ไม่พบผลลัพธ์สำหรับ "#react2shell"

Something went wrong.


Something went wrong.


United States Trends