Português
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#react2shell resultados da pesquisa

Nenhum resultado para "#react2shell"
Nenhum resultado para "#react2shell"
Nenhum resultado para "#react2shell"
Jutsu0xdfir_mal's profile picture. #ThreatHunting / #BlueTeam engineer. I'm just looking for traces in the logs. Reading and retweeting cool stuff. MITRE ATT&CK Defender:CTI,SOCAsses,AE,PTM,THDE.
0xdfir-jutsu-mal
 @Jutsu0xdfir_mal
18 h

🚨 WARNING: Fake CVE-2025-55182 (React2Shell) scanner contains MALWARE github.com/niha0wa/React2… Hidden payload in code: → mshta.exe https://py-installer[.]cc Targets security researchers hunting this vuln. Always read source before running any "security tool"! #React2Shell

Jutsu0xdfir_mal's tweet image. 🚨 WARNING: Fake CVE-2025-55182 (React2Shell) scanner contains MALWARE github.com/niha0wa/React2… Hidden payload in code: → mshta.exe https://py-installer[.]cc Targets security researchers hunting this vuln. Always read source before running any "security tool"! #React2Shell
4
23
106
33
15K
phithon_xg's profile picture. @ShopeeSG security team now, Chaitin Tech previously. Opinions are my own.
Phith0n
 @phithon_xg
5 de dez. de

try this WAF bypass trick for rsc&&next.js CVE-2025-55182 All fields can use utf16le charset #React2Shell

phithon_xg's tweet image. try this WAF bypass trick for rsc&&next.js CVE-2025-55182 All fields can use utf16le charset #React2Shell
5
71
481
302
41K
imraax's profile picture. Automotive/IoT Security Researcher
raax
 @imraax
4 de dez. de

nobody care about it? #React2Shell

imraax's tweet image. nobody care about it? #React2Shell
0
1
2
0
2K
pyn3rd's profile picture. Security Researcher. Over 10 years in cloud WAF engineering. Focused on cloud security. Speaker at Black Hat and CanSecWest.
pyn3rd
@pyn3rd
9 h

#CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…

pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
pyn3rd's tweet image. #CVE-2025-55182 #React2Shell Let me walk you through the technical path of the WAF bypass. When a request is sent as multipart/form-data, Next.js hands the raw body stream to Busboy. The bypass comes from Busboy’s charset logic: it cleanly accepts UTF‑16LE (and legacy UCS‑2) and…
5
56
293
190
13K
mark_443_'s profile picture. Security researchers || Bug Hunter || https://t.co/nuKXlAxTT7 ||
mark🇮🇳
 @mark_443_
7 de dez. de

On vdp program I hope no one has reported this before.😄 #React2Shell #BugBounty #bugbountytips #bug

mark_443_'s tweet image. On vdp program I hope no one has reported this before.😄 #React2Shell #BugBounty #bugbountytips #bug
0
0
4
0
2K
arshiyaiha's profile picture. Bug Bounty is a game of patience and persistence, and every triage is a victory.
Arshiya
 @arshiyaiha
6 de dez. de

Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty

arshiyaiha's tweet image. Detecting #React2Shell (CVE-2025-55182), Safe probe for Flight parser error with Curl and without harmful execution. Indicators of vulnerability: ✅ Response Code = 500 ✅ Word "digest" appears in response body #React2Shell #CVE202555182 #BugBounty
6
38
241
217
19K
PakCyberbot's profile picture. (T³) Technical Thinking Tinkerer
Pak Cyberbot
 @PakCyberbot
17 h

After #React2Shell CVE-2025-55182,CVE-2025-66478

PakCyberbot's tweet image. After #React2Shell CVE-2025-55182,CVE-2025-66478
0
0
3
0
282
D0n9D0n9's profile picture. 🧑‍💻 Security Engineer 🛸 Bug Hunter 😎 SoloDev , 👀 Web3 / AI, Maybe? 🚩 CTFer . 📍 in CN ( and, As you can see, Emoji fan 😄
D0n9
 @D0n9D0n9
8 de dez. de

The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182

D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
D0n9D0n9's tweet image. The React2shell bypass technique leverages various features of JSON and JavaScript, and the Flight Protocol can also be utilized for obfuscation. In Figure 3, which demonstrates bypassing a certain WAF, can you identify how many tricks are used? #React2Shell #CVE-2025-55182
2
1
5
2
2K
pranjal_birla's profile picture. MERN Developer Next Js. Exploring some machine learning algorithms currently in 3rd year CSE
Pranjal Birla
 @pranjal_birla
14 h

strange things happening #React2Shell CVE-2025-55182 the vulnerability in React Server components found random '~' folder and a shell[.]sh file into public folders all happening around the termination with ssh access...👀 Abstraction is important and necessary

pranjal_birla's tweet image. strange things happening #React2Shell CVE-2025-55182 the vulnerability in React Server components found random '~' folder and a shell[.]sh file into public folders all happening around the termination with ssh access...👀 Abstraction is important and necessary
0
0
2
1
234
jctommasi's profile picture. 🥷Security Researcher at https://t.co/AF6AUdIqk6 // 👨🏻‍💻Back-End & API Developer // ✈️ Student Pilot
Juan Cruz Tommasi
 @jctommasi
4 de dez. de

Built a vulnerable React/Next.js lab for testing the #React2Shell bugs (CVE-2025-55182 & CVE-2025-66478). Everything ships in Docker containers.. use it 4fun github.com/jctommasi/reac…

jctommasi's tweet image. Built a vulnerable React/Next.js lab for testing the #React2Shell bugs (CVE-2025-55182 & CVE-2025-66478). Everything ships in Docker containers.. use it 4fun github.com/jctommasi/reac…
1
3
15
7
3K
zoomeye_team's profile picture. A cyberspace search engine built for security researcher Daily Tricks || Latest Vulnerability Updates Email: support@zoomeye.ai https://t.co/AUq5jNpKkl
ZoomEye
@zoomeye_team
17 h

🚨🚨 #React2Shell (CVE-2025-55182) continues to heat up globally — and what's really sending bounty hunters' heart rates through the roof is: • RCE + no auth + super short exploit chain • Hunters already landing successful exploits in high-value bounty programs • Massive…

zoomeye_team's tweet image. 🚨🚨 #React2Shell (CVE-2025-55182) continues to heat up globally — and what's really sending bounty hunters' heart rates through the roof is: • RCE + no auth + super short exploit chain • Hunters already landing successful exploits in high-value bounty programs • Massive…
2
17
99
74
9K
YungBinary's profile picture. Malware Research @eSentire
YungBinary
@YungBinary
8 de dez. de

TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…

YungBinary's tweet image. TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…
YungBinary's tweet image. TRU is tracking active exploitation of #React2Shell and released an advisory with observables/indicators. Observed activity includes system reconnaissance and attempts to exfiltrate AWS credentials. esentire.com/security-advis…
1
2
38
12
3K
pdnuclei's profile picture. Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.
Nuclei by ProjectDiscovery
@pdnuclei
6 de dez. de

Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell

pdnuclei's tweet image. Scanning for CVE-2025-55182 using @pdnuclei 🚨 If you're running Next.js / React, scan your apps now. Nuclei Template - cloud.projectdiscovery.io/library/CVE-20… Vulnerability Advisory - react.dev/blog/2025/12/0… #nextjs #cybersecurity #react2shell
2
77
412
298
23K
albinowax's profile picture. Director of Research at @PortSwigger aka @Burp_Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
James Kettle
@albinowax
4 de dez. de

You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!

albinowax's tweet image. You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!
7
104
637
321
39K
sneakymonk3y's profile picture. uber geek blue team cyber commando bad guy annihilator @CrowdStrike OSCP GREM GC|FA/FE/IH
Mark
@sneakymonk3y
5 de dez. de

from greynoise.io/blog/cve-2025-… child processes spawning.... 2nd wave... ecrime boyz with their coinminers and stagers #react2shell

sneakymonk3y's tweet image. from greynoise.io/blog/cve-2025-… child processes spawning.... 2nd wave... ecrime boyz with their coinminers and stagers #react2shell
0
0
4
0
1K
pranjal_birla's profile picture. MERN Developer Next Js. Exploring some machine learning algorithms currently in 3rd year CSE
Pranjal Birla
 @pranjal_birla
13 h

Also never use 'npm i --force' won't realize but would regret one day.... CVE-2025-55182(#React2Shell) use this to fix npx fix-react2shell-next or would land helping some miner to earn some good bucks and pay the bill for recourses consumed... #Crypto #mining #hacker #attack

pranjal_birla's tweet image. Also never use 'npm i --force' won't realize but would regret one day.... CVE-2025-55182(#React2Shell) use this to fix npx fix-react2shell-next or would land helping some miner to earn some good bucks and pay the bill for recourses consumed... #Crypto #mining #hacker #attack
0
0
1
1
313
zoomeye_team's profile picture. A cyberspace search engine built for security researcher Daily Tricks || Latest Vulnerability Updates Email: support@zoomeye.ai https://t.co/AUq5jNpKkl
ZoomEye
@zoomeye_team
8 de dez. de

🚨 #React2Shell Using ZoomEye, we've identified 672k+ exposed assets potentially affected. 🔍 ZoomEye Dork: http.header="Vary: RSC, Next-Router-State-Tree" 🔗 ZoomEye Link: zoomeye.ai/searchResult?q…

zoomeye_team's tweet image. 🚨 #React2Shell Using ZoomEye, we've identified 672k+ exposed assets potentially affected. 🔍 ZoomEye Dork: http.header="Vary: RSC, Next-Router-State-Tree" 🔗 ZoomEye Link: zoomeye.ai/searchResult?q…
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
6 de dez. de

🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"

1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
1ZRR4H's tweet image. 🚩 #React2Shell 🌐📡 → Censys (+270K assets): services.http.response.headers: (key: `Vary` and value.headers: `RSC, Next-Router-State-Tree`) → Shodan (+380K assets): "Vary: RSC, Next-Router-State-Tree"
0
79
423
320
59K
3
52
243
226
33K

Something went wrong.


Something went wrong.


United States Trends