When the Patch Causes an Outage - React2Shell Broke Cloudflare, Shopify, Zoom | Dec 6-10

December 10, 2025

Big Picture

React2Shell dominates headlines. We go deep on what it means. Plus coverage on Wiz 2026 CISO data and Anthropic acquiring Bun.

This week is about the React2Shell CVE, an exploit so big that Cloudflare pushed emergency WAF rules, which in turn caused Shopify, Zoom and others to go down. React2Shell was so widespread that fixing it literally broke production at scale.

The severity of React2Shell and its aftermath is obviously this week's top story, and rightfully so.

React2Shell already has everything it needs to get fixed. Nation-state exploitation. CISA KEV entry. Media coverage. Executive attention. Most organizations will patch this within days.

But here's an interesting question we've been thinking about. Does that make us safer long-term?

As Pixee's own staff software engineer Ryan Dens observed this week: "React2Shell will absorb massive resources precisely because it can't be ignored. But we have infinite CVEs and finite attention."

For us the most exciting question in AppSec is how to deploy AI to solve the problem of triaging thousands of vulnerabilities to find the few that are actually exploitable in your architecture. (That's the core of our new SCA product BTW).

Anyway, while we keep exploring React2Shell below, this week also saw Anthropic acquire Bun and interesting new CISO data published in a new Wiz report, both of which are worth your time.

The Technical Breakdown on React2Shell

CVE-2025-55182 earned its CVSS 10.0 rating through textbook deserialization: unsafe Flight protocol decoding in React Server Components enabled unauthenticated RCE. Within hours of disclosure, China-nexus threat actors weaponized it for credential harvesting and backdoor deployment. North Korean groups followed with EtherRAT campaigns. 77,000+ vulnerable IP addresses were identified within 72 hours. CISA added the CVE to its Known Exploited Vulnerabilities catalog with confirmed wild exploitation.

If you want to ground React2Shell in a historical/technical understanding, Pixee's CTO Arshan Dabirsiaghi's analysis looks at how React2Shell repeats the Struts pattern. As a reminder, throughout the 2010s, Struts embedded the OGNL expression language throughout its framework with minimal safeguards. User-controlled data repeatedly reached code execution paths culminating in the Equifax breach.

React2Shell follows the same architectural pattern: Flight protocol creates "a mini-serialization language" where crafted payloads can reach code execution paths.

Arshan's main takeaway is that whenever powerful interpreters or serialization protocols hide behind the scenes supporting developer ergonomics, history suggests eventual remote code execution.
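To make the architectural point concrete, here is an added illustration (not React's Flight implementation, not the actual fix, and not code from Pixee or the React project): a toy decoder for a "mini-serialization language" whose messages can name server-side code. The wire format, the `$call` tag, the registry and every name in it are invented for this example. The unsafe shape resolves whatever name the client sends against an open namespace; the hardened shape only resolves names against a closed registry and rejects everything else before any call happens.

```javascript
// Added illustration of the pattern described above: a decoder for a toy
// "mini-serialization language" whose messages can name server-side code.
// This is NOT React's Flight protocol or its fix; the wire format, the
// registry and every name below are invented for this example.

// Server callables the application deliberately exposes to clients.
const registry = new Map([
  ['cart.add', (item) => ({ ok: true, item })],
  ['cart.count', () => 2],
]);

// An open namespace object, standing in for "whatever is reachable at
// runtime". Only `cart` is meant to be client-callable; `admin` is not.
const openScope = {
  cart: { add: registry.get('cart.add'), count: registry.get('cart.count') },
  admin: { reset: () => 'ADMIN RESET RAN' },
};

// Constructed wire messages: a node tagged "$call" names the callable.
const wireOk = JSON.stringify({ $call: 'cart.add', args: ['sku-42'] });
const wireUnregistered = JSON.stringify({ $call: 'admin.reset', args: [] });

// Unsafe shape: resolve the client-supplied name by walking an open
// namespace. The client, not the server, decides which function runs.
function decodeOpenNamespace(wire, scope = openScope) {
  const msg = JSON.parse(wire);
  const target = String(msg.$call)
    .split('.')
    .reduce((obj, key) => (obj == null ? undefined : obj[key]), scope);
  if (typeof target !== 'function') throw new Error('not callable');
  return target(...msg.args);
}

// Hardened shape: size cap, strict schema, and a closed registry that is
// the only place a name can resolve. A Map is used on purpose: unlike a
// plain object, Map.has() never answers "yes" for inherited names.
function decodeRegistered(wire, allow = registry) {
  if (typeof wire !== 'string' || wire.length > 4096) {
    throw new Error('reject: oversized or non-string message');
  }
  let msg;
  try {
    msg = JSON.parse(wire);
  } catch {
    throw new Error('reject: not JSON');
  }
  const isPlainObject = msg !== null && typeof msg === 'object' && !Array.isArray(msg);
  if (!isPlainObject) throw new Error('reject: message is not an object');
  // Exactly the two expected keys, nothing else (this also rejects "__proto__").
  const keys = Object.keys(msg).sort();
  if (keys.join(',') !== '$call,args' || typeof msg.$call !== 'string' || !Array.isArray(msg.args)) {
    throw new Error('reject: unexpected message shape');
  }
  if (!allow.has(msg.$call)) {
    throw new Error(`reject: "${msg.$call}" is not a registered callable`);
  }
  return allow.get(msg.$call)(...msg.args);
}

// Stand-alone demo.
console.log(decodeRegistered(wireOk)); // { ok: true, item: 'sku-42' }
try {
  decodeRegistered(wireUnregistered);
} catch (e) {
  console.log(e.message); // rejected before any lookup into server code
}
console.log(decodeOpenNamespace(wireUnregistered)); // the open lookup reaches admin.reset
```

The contrast is the whole lesson of the Struts comparison: the moment a wire format can name code, the decoder's job is to decide which names exist at all, not merely to check that what it found is callable.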

Takeaways

React2Shell is a major event. Fortunately many organizations already possess the infrastructure to handle React2Shell. The question is whether the next architectural vulnerability class gets the same treatment before it has a name and a media cycle.

The Wiz Numbers

Switching gears, this week saw the publication of Wiz's 2025 benchmark study featuring survey data from over 300 CISOs.

It wasn't surprising to see 85% of CISOs report that budgets keep rising, that cloud programs keep expanding, and that increasing automation and improving visibility are top priorities for literally everyone (99%).

Another call-out is tool sprawl. 58% of orgs report running more than 25 tools, 28% operate 50+, and "an unlucky 13%" have more than 100. Predictably, tool sprawl, complexity, and the time/effort of managing existing tools are cited as significant inhibitors to effective security.

Here's the link to download the full report behind their paywall.

Takeaways

In AppSec, 54% of us expect a moderate budget increase, 16% a significant increase, and only 4.1% any sort of decrease at all. The question is, how do you maximize ROI and prove AI-enabled productivity gains to meet board mandates?

AI Coding Tools Are Production Infrastructure Now

Three signals this week marked another threshold in the march of AI coding tools towards becoming core infrastructure.

• Anthropic acquired Bun to accelerate Claude Code as production-ready infrastructure

• The Linux Foundation formed the Agentic AI Foundation with Anthropic, OpenAI, and Block as founding members

• Microsoft's December Patch Tuesday explicitly addressed AI coding tool vulnerabilities alongside its 57 other flaws

Another example of the need for security here: The GeminiJack vulnerability demonstrated that enterprise AI coding assistants are vulnerable to indirect prompt injection via documents and code comments. Google responded by deploying a second AI model to monitor Gemini agents for prompt injection attacks.

Takeaways

The importance of security policies related to AI isn't going anywhere.
