The Threat CodexDec 14
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)
#CVE_2025_55182 #MINOCAT #SNOWLIGHT #HISONIC #COMPOOD #EarthLamia #JACKPOTPANDA #UNC6600 #UNC6586 #UNC6588 #UNC6603 #UNC6595
https://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182) | Google Cloud Blog

Widespread exploitation of the React2Shell vulnerability (CVE-2025-55182) by multiple threat actors, including China and cyber criminals.

Google Cloud Blog
The Threat CodexDec 7
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
#JACKPOTPANDA #EarthLamia #CVE_2025_55182
https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182) | Amazon Web Services

December 29, 2025: The blog post was updated to add options for AWS Network Firewall. December 12, 2025: The blog post was updated to clarify when customers need to update their ReactJS version. Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, Amazon threat intelligence teams observed active exploitation attempts by […]

Amazon Web Services