React2Shell Vulnerability Under Attack from China-Nexus Groups
A maximum-severity vulnerability affecting the React JavaScript library is under attack by Chinese-nexus actors, further stressing the need to patch now.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A maximum-severity vulnerability affecting the React JavaScript library is under attack by Chinese-nexus actors, further stressing the need to patch now.
Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems.
While Microsoft patched the issues in June, support for SketchUp appears to remain disabled in Microsoft 365.
The maintainers of the widely used library recently patched multiple memory corruption vulnerabilities that attackers could have abused to, ahem, curse targets with malicious code and escalate privileges.