#earth-lamia

[ follow ]
#react-server-components #cve-2025-55182-react2shell #jackpot-panda #cybersecurity #sap-netweaver
fromThe Hacker News
1 week ago

Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability

Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge. The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remote code execution. It has been addressed in React versions 19.0.1, 19.1.2, and 19.2.1. According to a new report shared by Amazon Web Services (AWS), two China-linked threat actors known as Earth Lamia and Jackpot Panda have been observed attempting to exploit the maximum-severity security flaw.
Information security
Tech industry
fromThe Hacker News
6 months ago

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

A China-linked threat actor is exploiting critical SAP NetWeaver vulnerabilities against organizations in Asia and Brazil since 2023.
The threat actor targets SQL injection vulnerabilities to infiltrate organizations.
[ Load more ]