Five China-Nexus Groups Exploited React2Shell | Dec 13-17
Big Picture
Last week we covered React2Shell's immediate impact: the Cloudflare WAF rules that broke Shopify and Zoom, the CVSS 10.0 rating, the rapid weaponization.
This week's story is what came after: coordinated nation-state exploitation documented by Google, plus a significant policy shift from the UK government acknowledging fundamental limitations in AI security.
Also this week, we shipped something we've been working on for a while. Pixee for SCA uses AI agents to evaluate whether vulnerabilities are truly exploitable by contextually looking at deployment configuration, data flow, and API arguments rather than just call graphs. (Shameless plug I know, but it's relevant to the triage challenges we keep covering.)
TL;DR
Google Threat Intelligence documented five China-nexus groups exploiting React2Shell across 116,000+ vulnerable systems with backdoors, downloaders, and tunneling malware.
UK's NCSC declared prompt injection attacks "can't be fully mitigated," officially shifting guidance from prevention to impact reduction.
Microsoft expanded its bug bounty program to include all third-party and open-source code "in scope by default."
Google Documents Coordinated React2Shell Exploitation
Google Threat Intelligence published detailed attribution this week, documenting five China-nexus threat groups actively exploiting React2Shell (CVE-2025-55182). The scale: 116,000+ vulnerable systems, backdoors deployed, credential harvesting campaigns running, tunneling malware establishing persistence.
Meanwhile, React disclosed three additional RSC vulnerabilities (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779) discovered while researchers probed the original patches. Denial-of-service conditions and source code exposure surfaced specifically because researchers started examining RSC security more closely.
Takeaways
Framework-level vulnerabilities tend to reveal architectural security debt—attack surfaces that weren't comprehensively threat-modeled before release.
UK Government Acknowledges AI Security Limits
The UK's National Cyber Security Centre declared that prompt injection attacks on LLMs "can't be fully mitigated." Their recommendation: shift from prevention strategies to impact reduction.
This marks the first major government cybersecurity agency to officially acknowledge fundamental limitations in securing AI systems. The timing matters—OpenAI warned separately of "high cybersecurity risk" from frontier AI models the same week.
Takeaways
For security teams, the question remains how you reduce risk across these new attack surfaces when prevention isn't fully achievable.
Microsoft Signals Supply Chain Accountability Shift
Microsoft expanded its bug bounty program to include all third-party and open-source code in online services "in scope by default." Previously, researchers needed pre-approval to report vulnerabilities in dependencies. Now any third-party code flaw in Microsoft's production environment qualifies for bounty rewards.
Takeaways
When the largest software vendor declares third-party code "in scope by default," it signals something about where accountability is heading.
Takeaways
Vulnerabilities in the Wild
This week: 11 disclosed | 5 actively exploited | 2 zero-days
Critical Severity
CVE-2025-55182 - React Server Components (React2Shell)Status: Actively exploited by nation-state actorsSource
GeoServer RCE - GeoServerStatus: Added to KEVSource
CVE-2025-14174 - Apple WebKit (iOS/macOS)Status: Zero-daySource
CVE-2025-43529 - Apple WebKit (iOS/macOS)Status: Zero-daySource
High Severity
Gladinet Hardcoded Keys - Gladinet CentreStack/TriofoxStatus: Actively exploitedSource
CVE-2025-55183 - React Server ComponentsStatus: Patch availableSource
CVE-2025-55184 - React Server ComponentsStatus: Patch availableSource
CVE-2025-67779 - React Server ComponentsStatus: Patch availableSource
Medium Severity
JumpCloud Remote Assist - JumpCloud Remote AssistStatus: Patch availableSource
Notepad++ Updater Flaw - Notepad++Status: Patch availableSource
CVE-2025-66039 - FreePBXStatus: PoC availableSource
Curated Reading List
Thought-Provoking
• SAML Authentication Broken Almost Beyond Repair - Deep technical analysis of authentication bypass vulnerabilities affecting Ruby, PHP, and GitLab SAML implementations that require library rewrites rather than simple patches.
• Catching Malicious Package Releases Using a Transparency Log - Technical implementation guide for using transparency logs to detect malicious package releases, with actionable deployment patterns.
Current Events
• CISA Orders Immediate Patching as GeoServer Flaw Faces Active Exploitation - Federal mandate with compliance deadline for GeoServer RCE vulnerability added to KEV catalog.
• Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw - Sophisticated WebKit zero-day exploitation linked to Chrome vulnerabilities, requiring emergency patching across iOS and macOS.
• JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover - Full system takeover vulnerability during uninstall/update process affecting enterprise remote access infrastructure.
• DORA Compliance Checklist for Cybersecurity - Actionable compliance checklist for EU financial institutions facing DORA enforcement deadlines.
