InfoQ

Bun Introduces Built-in Database Clients and Zero-Config Frontend Development

Bun 1.3 revolutionizes full-stack JavaScript development with unified database APIs and zero-config frontend setup.

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

The cybersecurity industry is on high alert following the disclosure of a critical React vulnerability that can be exploited by a remote, unauthenticated attacker for remote code execution. React ...
Ars Technica

Admins and defenders gird themselves against maximum-severity server vuln

Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...
Dark Reading

Critical React Flaw Triggers Calls for Immediate Action

A maximum-severity vulnerability in React, a widely used open source software library, could enable remote code execution (RCE) in a massive number of cloud environments, sparking grave concern within ...
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...
InfoQ

TanStack Start: A New Meta Framework Powered by React or SolidJS

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
IEEE

A Tutorial on Near-Field XL-MIMO Communications Toward 6G

Abstract: Extremely large-scale multiple-input multiple-output (XL-MIMO) is a promising technology for the sixth-generation (6G) mobile communication networks. By significantly boosting the antenna ...