Breaking 20:00 Russia Condemns UN Decision to Keep It on Child Rights Violations List in Ukraine 19:36 Samsung Named Morocco’s Most Admired Electronics Brand in Brand Africa Ranking 19:19 European Union Expands Financial Support for Ukraine Amid Rising Economic Pressures 19:00 Morocco Strengthens Its Role as a Strategic Trade Hub Between China, Africa, and Europe 18:46 US Economy Regains Momentum in Early 2026 Amid Stronger Growth Data 18:32 United States-Morocco: Washington Prepares a Strategic Military Partnership Until 2036 18:30 Ebola in the DRC: Morocco Strengthens MONUSCO's Efforts with Emergency Medical Aid 18:28 World Cup 2026: The Moroccan Embassy in Mexico Issues Practical Guide for Atlas Lions Supporters 18:25 IAEA expects inspections of Iran’s nuclear facilities under new framework agreement 18:13 Crédit du Maroc appoints Mehdi Qalbi to lead CDM Salaf to accelerate its development 18:08 Apple raises global product prices amid rising AI chip costs 17:52 Meta explores prediction markets with new Arena platform 17:33 Gold Price Decline Seen as Temporary Correction, Says World Gold Council 17:20 Royal Air Maroc launches special flights to Monterrey for Lions de l'Atlas supporters 17:17 Indonesia tightens cryptocurrency promotion rules for social media influencers 17:15 Earthquakes in Venezuela: UN Intensifies Support for Relief Operations 16:54 European rearmament plans face challenges despite rising defense spending 16:38 Washington rejects fees on international waterways amid Strait of Hormuz debate 16:16 Czech court orders inclusion of President Pavel in NATO summit delegation amid constitutional dispute 15:55 World Health Organization expects end of hantavirus outbreak by early July 15:36 Morocco coach praises team unity after Haiti victory and World Cup Round of 32 qualification 15:19 Tanger Med strengthens Morocco’s global trade position as a strategic logistics hub 15:13 Ryad Mezzour Highlights Morocco's Industrial Strengths to a MEDEF Delegation 15:05 Rema lights up Mawazine 2026 with electrifying performance in Rabat 14:55 Google Warns of Rise in AI-Powered Cyberattacks 14:34 Rising Ferry Prices Between Spain and Morocco Raise Concerns 14:30 Rubio warns that proposed Strait of Hormuz transit fees could trigger global maritime disruption 14:14 Mustapha Baitas announces Morocco's definitive return to GMT legal time 14:14 Ismael Saibari Makes World Cup History with Three Consecutive Scoring Matches for Morocco 13:53 Mawazine festival blends music and football in a vibrant night featuring Chami and Hatim Ammor 13:36 Food Security: Prime Minister to Address the House of Councillors 13:23 Ebola outbreak in the Democratic Republic of the Congo claims 291 lives as cases rise 13:01 Federal Reserve overhauls banking supervision structure to boost efficiency and transparency 12:42 Lionel Messi continues World Cup brilliance at 39, extending his legendary record 12:21 Trump Pledges Immediate Aid to Venezuela After Devastating Earthquakes 12:14 Morocco to Return to Legal GMT Time at Summer's End, Announces Aziz Akhannouch 12:00 Trump requests $87.6 billion from Congress to cover Iran conflict costs and military replenishment 11:47 Venezuela earthquake death toll rises to 164 after twin powerful quakes 11:30 Rubio strengthens Gulf diplomacy amid rising tensions over Iran and the Strait of Hormuz 11:28 King Mohammed VI congratulates the President of Slovenia on National Day 11:11 Fawzi Lekjaa Emerges as a Key Figure in Morocco’s Political and Sporting Landscape 10:45 Anthropic unveils Claude Tag, an AI teammate designed for Slack collaboration 10:39 HM King Mohammed VI congratulates the Emir of Qatar on the anniversary of his accession to power 10:38 Morocco-Colombia: The Message from King Mohammed VI Praised by Elected President Abelardo De La Espriella 10:27 OpenAI unveils Jalapeño, Its first AI chip to accelerate inference 10:18 Artificial intelligence challenges Google’s search dominance despite its continued leadership 09:57 International Olympic Committee strengthens commitment to sporting neutrality 09:31 UN Chief António Guterres Calls for Greater Transparency on AI’s Climate Impact 09:28 Online Protection for Minors: Australia's Model Faces Its First Limits 09:14 Powerful earthquakes strike central Venezuela 09:00 Offset replaces Tyga at Mawazine 2026 festival 08:41 Russia marks 80 years of diplomatic engagement at the United Nations 08:21 Global oil markets face widening discounts amid rising supply pressures 08:08 European Union moves closer to approving $111 billion media merger 07:46 Trump urges defense companies to accelerate weapons production and strengthen military stockpiles 07:33 World Cup 2026 breaks viewing and attendance records as global enthusiasm reaches new heights 07:15 Elon Musk Says Humanoid Robots Could Reduce the Importance of Money in the Future

Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation

Tuesday 16 December 2025 - 18:50
Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation

Microsoft has issued an urgent security advisory to address a severe remote code execution (RCE) vulnerability known as React2Shell, which affects React Server Components and several Next.js versions. The flaw, tracked as CVE-2025-55182, has been classified with the highest severity score of 10.0 and is already being exploited in large-scale attacks compromising both Windows and Linux systems.

Widespread exploitation across multiple actors

Within days of disclosure, cybersecurity teams detected widespread exploitation of React2Shell by state-linked and criminal groups. Multiple threat intelligence divisions confirmed that the attacks originated largely from China-based entities, including organized campaigns led by advanced threat actors. These groups rapidly exploited the vulnerability to deploy remote access tools, cryptocurrency miners, and credential-stealing malware across cloud and enterprise networks.

Analysts reported that affected systems were often used to harvest credentials from cloud environments such as Azure, Google Cloud Platform, Amazon Web Services, and Tencent Cloud. Cybercriminals have also been injecting malicious scripts into legitimate cryptocurrency websites, compromising users' wallets and tokens. Tools like TruffleHog and Gitleaks were detected scanning repositories for sensitive information, including API keys and Kubernetes credentials.

Strong mitigation urged amid active campaigns

Microsoft is urging all developers and organizations to update immediately to React versions 19.0.1, 19.1.2, or 19.2.1 and compatible Next.js versions now patched against the flaw. The company has enhanced detection capabilities within Microsoft Defender XDR and rolled out automatic protections to block active exploitation attempts. Azure Web Application Firewall users can also implement preconfigured rules to halt malicious traffic temporarily while updates are deployed.

Security teams are advised to prioritize patching internet-exposed systems, rotate compromised credentials, and verify the integrity of any impacted container or virtual machine environments. Microsoft Defender for Cloud has added scanning features to identify vulnerable assets rapidly, offering vital visibility for organizations responding to this urgent threat.

Keywords:



Latest News
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Microsoft urges a balanced approach to artificial intelligence and the future of work Business Microsoft urges a balanced approach to artificial intelligence and the future of work
Chevron and Microsoft bet on natural gas to power artificial intelligence data centers Technology Chevron and Microsoft bet on natural gas to power artificial intelligence data centers
New Windows Defender zero-day enables system privileges escalation Technology New Windows Defender zero-day enables system privileges escalation
Microsoft pushes in-house AI as Anthropic costs come under scrutiny Technology Microsoft pushes in-house AI as Anthropic costs come under scrutiny

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.