Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

As exploitation activity against CVE-2025-55182, researchers are finding some exploits contain bypasses for Web application firewall (WAF) rules.

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
Crypto News

Major JavaScript Library Breach Puts All Crypto Websites at Risk

React vulnerability CVE-2025-55182 exploited by crypto-drainers to execute remote code and steal funds from affected websites ...
Visual Studio Magazine

GitHub Updates Spark, Its AI Prompt-Based App Builder

GitHub Spark, an AI app-generation tool separate from Copilot still in public preview, gains enterprise, billing, and UI ...