Nation-State and Cybercrime Exploits Tied to React2Shell

The React2Shell vulnerability, tracked as CVE-2025-55182, is being widely exploited by nation-state actors from China, North Korea, and Iran, as well as by financially motivated cybercriminals. This flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers, with observed attacks ranging from cryptomining to sophisticated backdoors.