Multiple China state-nexus threat groups, including Earth Lamia and Jackpot Panda, were already exploiting a vulnerability impacting React Server Components, a popular open-source tool built into thousands of widely-used digital products, within hours of the public disclosure of the vulnerability — CVE-2025-55182 (React2Shell) — on Dec 3.
React Server Components was maintained by Meta for many years and now is embedded in 50 million websites and products built by countless major firms.
therecord.media/chinese-hacker
aws.amazon.com/blogs/security
