top of page
perceptive_background_267k.jpg

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

Published:

10 December 2025 at 20:19:00

Alert date:

10 December 2025 at 21:00:50

Source:

thehackernews.com

Click to open the original link from this advisory

React2Shell vulnerability in React Server Components (RSC) continues to be heavily exploited by threat actors across multiple sectors. Attackers are leveraging this maximum-severity security flaw to deliver cryptocurrency miners and deploy previously undocumented malware families. New malware discovered includes PeerBlight (Linux backdoor), CowTunnel (reverse proxy tunnel), and a Go-based malware. The exploitation campaign is actively targeting various industries with sophisticated payload delivery mechanisms.

Technical details

Mitigation steps:

Affected products:

React Server Components

Related links:

https://thehackernews.com/2025/12/react2shell-exploitation-delivers.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page