Programmer’s Digest #163
12/03/2025-12/10/2025 Critical RSC Bugs in React and Next.js; Malicious VS Code, Go, npm, and Rust Packages; Critical Apache Tika Vulnerability And More
1. Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
A critical vulnerability, CVE-2025-55182 (React2shell, CVSS 10.0), enables unauthenticated remote code execution in React Server Components. The flaw stems from unsafe deserialization of React Flight protocol payloads. An attacker can send a crafted HTTP request to any Server Function endpoint and achieve arbitrary JavaScript execution on the server with the privileges of the Node.js process. It impacts React versions 19.0-19.2.0 in packages like react-server-dom-webpack. Patched versions are 19.0.1, 19.1.2, and 19.2.1. The vulnerability also affects Next.js (App Router) and other RSC-bundling libraries. No special setup is required; standard deployments are immediately exploitable. Researchers warn over 968,000 servers may be exposed. Until patching, recommendations include deploying WAF rules (provided by Cloudflare, AWS, etc.), monitoring traffic, and restricting network access. Immediate patching is crucial due to the flaw’s severity and broad reach.
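The first practical step for a defender is finding out which deployments actually ship an affected react-server-dom-* build. The script below is an added example, not code from the digest, React, or any vendor advisory: it walks a package-lock.json (v2/v3 "packages" map) and flags any package whose name starts with react-server-dom- (an assumption; the digest names only react-server-dom-webpack) whose version falls below the first fixed release for its minor line, using exactly the affected range and fixed versions stated above. The lockfile embedded in the script is constructed for the demonstration.

```python
import json
import re

# Fixed releases as stated in the digest: React 19.0 through 19.2.0 is
# affected; 19.0.1, 19.1.2 and 19.2.1 are the patched versions. Minor lines
# not listed here (e.g. 19.3.x) are outside the digest's stated scope and
# are therefore not flagged.
FIRST_FIXED = {
    (19, 0): (19, 0, 1),
    (19, 1): (19, 1, 2),
    (19, 2): (19, 2, 1),
}

# Assumption: every package with this prefix carries the Flight deserializer.
RSC_PACKAGE_PREFIX = "react-server-dom-"

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str):
    """Return (major, minor, patch); pre-release/build suffixes are ignored,
    so a canary build is judged conservatively on its numeric core."""
    m = _VERSION_RE.match(version)
    return None if m is None else tuple(int(x) for x in m.groups())


def is_vulnerable(version: str) -> bool:
    """True when the version is in an affected minor line and older than
    the first fixed release of that line."""
    v = parse_version(version)
    if v is None:
        return False
    fixed = FIRST_FIXED.get(v[:2])
    return fixed is not None and v < fixed


def scan_lockfile(lock: dict) -> list:
    """Return (path, name, version, status) for every RSC package entry,
    including nested copies under node_modules/<dep>/node_modules/."""
    findings = []
    for path, meta in lock.get("packages", {}).items():
        if not path:  # "" is the root project entry, not a dependency
            continue
        name = path.rsplit("node_modules/", 1)[-1]
        if not name.startswith(RSC_PACKAGE_PREFIX):
            continue
        version = meta.get("version", "")
        status = "VULNERABLE" if is_vulnerable(version) else "ok"
        findings.append((path, name, version, status))
    return findings


# Constructed sample lockfile for the demonstration (not from a real project).
SAMPLE_LOCK = json.loads("""{
  "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/react": {"version": "19.2.0"},
    "node_modules/react-server-dom-webpack": {"version": "19.2.0"},
    "node_modules/next/node_modules/react-server-dom-webpack": {"version": "19.2.1"}
  }
}""")

if __name__ == "__main__":
    for path, name, version, status in scan_lockfile(SAMPLE_LOCK):
        print(f"{status:10} {name}@{version}  ({path})")
```

Run it against a real lockfile by replacing SAMPLE_LOCK with json.load(open("package-lock.json")); nested copies matter because a framework such as Next.js can vendor its own react-server-dom-* build alongside the top-level one.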
2. China-Nexus Hackers Actively Exploiting React2Shell Vulnerability in the Wild
China-nexus threat groups began exploiting the new React2Shell vulnerability (CVE-2025-55182) only hours after it was publicly disclosed. Activity tied to groups like Earth Lamia and Jackpot Panda shows active testing of proof-of-concept exploits, including commands like whoami, id, and writing files to /tmp. A typical attack uses a crafted POST request to the /_rsc endpoint to abuse unsafe deserialization and trigger server-side JavaScript execution. Teams are urged to monitor for suspicious headers and unexpected Node.js child processes.
3. Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Cybersecurity researchers have found two malicious Microsoft Visual Studio Code (VS Code) extensions that infect developer machines with stealer malware. The extensions pretend to be a premium dark theme and an AI coding assistant but secretly download extra payloads, take screenshots, and steal data such as WiFi passwords, clipboard content, and browser sessions. The stolen information is sent to an attacker-controlled server. The extensions BigBlack.bitcoin-black and BigBlack.codo-ai were removed by Microsoft in early December 2025, along with a third related package, BigBlack.mrbigblacktheme. One extension activated on every VS Code action, while the AI tool hid its malicious functions inside a working feature.
Earlier versions downloaded a password-protected ZIP file via PowerShell, while later ones used a batch script with curl to fetch the malware. The main payload used DLL hijacking to collect system info and browser cookies. The case highlights ongoing threats, as similar malicious packages have also been found in the Go, npm, and Rust ecosystems.
4. Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
A critical security flaw in the Sneeit Framework WordPress plugin is being actively exploited. The remote code execution bug, CVE-2025-6389 (CVSS 9.8), affects all versions up to 8.3 and was patched in version 8.4. With more than 1,700 active installations, the flaw allows unauthenticated attackers to execute arbitrary PHP functions and create malicious admin accounts, enabling full site takeover.
Exploitation began on November 24, 2025, the day the issue was disclosed. Wordfence has blocked more than 131,000 attack attempts, including over 15,000 in the past 24 hours. Attackers have used crafted requests to create rogue users and upload backdoor PHP files such as “tijtewmg.php,” “xL.php,” and “simple.php.” Some attacks also download an .htaccess file from an external server to enable script execution.
In a related development, VulnCheck reported new attacks exploiting a flaw in ICTBroadcast (CVE-2025-2611) to deploy the Frost DDoS botnet, which spreads selectively and targets vulnerable systems.
5. Critical Apache Tika Vulnerability Leads to XXE Injection
A critical vulnerability in the Apache Tika content analysis toolkit could let attackers perform XML External Entity (XXE) injection attacks. Apache Tika is widely used as a universal parser for extracting data from many file types, making the flaw especially dangerous.
The issue, CVE-2025-66516 (CVSS 10), affects the tika-core, tika-pdf-module, and tika-parsers components. Attackers can exploit it using crafted XFA files hidden inside PDFs on any platform. Successful XXE attacks can lead to data leaks, SSRF, DoS, or even remote code execution.
The bug expands on a previous issue, CVE-2025-54988, disclosed in August, which required updates to both tika-core and the PDF parser. The new fix closes gaps that the earlier one left in the 1.x and 3.x release lines. Patches are available in tika-core 3.2.2, tika-parser-pdf-module 3.2.2, and tika-parsers 2.0.0. Users and developers are urged to update immediately, as the affected modules are widely used as dependencies.
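XXE is only possible when the XML parser honours DTDs and resolves entities, so the standard mitigation, regardless of the toolkit, is to refuse that machinery outright for untrusted input such as an XFA stream pulled out of a PDF. The code below is an added illustration of that principle in Python's standard-library expat binding; it is not Tika's code (Tika is Java) and not a patch for the CVE above. It rejects any document that declares a DOCTYPE, declares an entity, or references an external entity, and accepts plain XFA-style markup. Both XML samples are constructed for the demonstration, and the SYSTEM identifier is a placeholder.

```python
import xml.parsers.expat


class UnsafeXmlError(ValueError):
    """Raised when untrusted XML carries DTD or entity machinery."""


def parse_strict(xml_bytes: bytes) -> dict:
    """Parse XML while refusing DOCTYPE, entity declarations and external
    entity references; returns a small summary of what was parsed.

    Rejecting the DOCTYPE up front also blocks purely internal entity
    tricks (entity-expansion denial of service), not just external fetches.
    """
    parser = xml.parsers.expat.ParserCreate()
    summary = {"elements": 0, "root": None}

    def reject_doctype(name, system_id, public_id, has_internal_subset):
        raise UnsafeXmlError(f"DOCTYPE {name!r} not allowed in untrusted input")

    def reject_entity(name, is_parameter, value, base, system_id, public_id, notation):
        raise UnsafeXmlError(f"entity declaration {name!r} not allowed")

    def reject_external_ref(context, base, system_id, public_id):
        raise UnsafeXmlError(f"external entity reference {system_id!r} not allowed")

    def on_start(name, attrs):
        summary["elements"] += 1
        if summary["root"] is None:
            summary["root"] = name

    # Exceptions raised inside expat handlers abort the parse and propagate
    # out of Parse(), so a single bad declaration stops processing early.
    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity
    parser.ExternalEntityRefHandler = reject_external_ref
    parser.StartElementHandler = on_start
    parser.Parse(xml_bytes, True)
    return summary


def is_safe_xml(xml_bytes: bytes) -> bool:
    """Convenience wrapper: True if the document passes the strict parse."""
    try:
        parse_strict(xml_bytes)
        return True
    except UnsafeXmlError:
        return False


# Constructed samples. BENIGN_XFA mimics the outer shape of an XFA packet.
BENIGN_XFA = (
    b'<?xml version="1.0"?>\n'
    b'<xdp:xdp xmlns:xdp="http://ns.adobe.com/xdp/">\n'
    b'  <template>\n'
    b'    <subform name="form1"/>\n'
    b'  </template>\n'
    b'</xdp:xdp>\n'
)

# The same packet with an external entity declared; the SYSTEM id is a
# placeholder, not a real target.
XXE_XFA = (
    b'<?xml version="1.0"?>\n'
    b'<!DOCTYPE xdp [\n'
    b'  <!ENTITY leak SYSTEM "file:///placeholder/local/file">\n'
    b']>\n'
    b'<xdp:xdp xmlns:xdp="http://ns.adobe.com/xdp/"><template>&leak;</template></xdp:xdp>\n'
)

if __name__ == "__main__":
    print("benign:", parse_strict(BENIGN_XFA))
    print("xxe sample accepted?", is_safe_xml(XXE_XFA))
```

The same policy in Java is expressed by disabling DTDs and external entities on the XMLInputFactory or SAX parser before any untrusted bytes reach it; the point of this snippet is the policy (no DTD, no entities for untrusted input), which holds whichever parser sits behind the document pipeline.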
6. AI Coding Tools Such as Copilot and Amazon Q Exposed to Over 30 Security Flaws
AI coding assistants like GitHub Copilot and Amazon Q are introducing serious security risks. Recent research has uncovered over 30 critical vulnerabilities across these tools, enabling threats such as data theft and remote code execution. These flaws often exist within IDE extensions, which operate with high privileges to access files and networks. Attackers can exploit weaknesses like command injection to siphon confidential information or run malicious commands without user detection. The opaque, non-deterministic nature of AI models makes them susceptible to adversarial prompts that generate insecure code.
The consequences are real, with documented incidents of data leaks and authentication bypasses in financial technology firms. These vulnerabilities can propagate flawed code into production systems at scale. Furthermore, the AI software supply chain is a growing concern, as attackers use generative AI to create malicious packages on public repositories.
Experts recommend sandboxing AI tools, routinely auditing AI-generated code, employing automated vulnerability scanners, and training developers on secure prompt engineering to mitigate these evolving threats.