Breaking 15:40 Morocco elected unanimously to the African Commission on Nuclear Energy 15:32 Europe faces severe heatwave as temperatures exceed 35°C across the continent 15:15 South Korea court sentences former first lady to seven years in prison over corruption case 14:51 FIFA introduces yellow card amnesty for 2026 World Cup knockout stages 14:45 Death toll rises to 589 after devastating Venezuela earthquake 14:32 Morocco set to enhance F-16 fleet with advanced long-range air-to-air missiles 14:15 Aminux and Karima Ghayth light up Mawazine’s Nahda stage 14:00 Achraf Hakimi inspires Morocco to new World Cup possession record 13:45 Ameen Boudchar continues international rise with major summer festival tour 13:34 Moroccan national team receives key to New Jersey town during 2026 World Cup 13:22 IMF says normalization of energy and commodity prices will take time 13:05 Rafael Grossi says the United Nations is losing relevance but can still be reformed 12:45 New York approves rent freeze on one million apartments in major policy victory for Mayor Mamdani 12:27 UN report highlights gradual recovery of shipping traffic through the Strait of Hormuz 12:12 FIFA Introduces Subtle Changes to Player of the Match Awards at World Cup 2026 11:49 Pentagon considers expanding AI role in military targeting, Bloomberg reports 11:30 Morocco highlights anti-corruption prevention as key pillar for human rights protection in Geneva 11:11 Economist's World Cup Prediction Sparks Global Debate 10:45 Andy Burnham set to become UK prime minister after Labour leadership race 10:29 US Supreme Court strikes down Hawaii law restricting concealed firearms on private property 10:23 France: Heatwave leads to surge in drownings, 55 deaths reported 10:15 European Union gives final approval to trade agreement with the United States 10:00 Facebook launches AI-powered assistant for content creators 09:44 Morocco Showcases Its Vision for Artificial Intelligence and Digital Sovereignty at the United Nations 09:31 Death toll rises to 235 after Venezuela earthquakes as US deploys support forces 09:23 Morocco to Face the Netherlands in the 2026 FIFA World Cup Round of 32 09:09 Morocco Sends Nine Tons of Medical Aid to Support Ebola Response in DR Congo 08:47 Morocco’s Trade With Africa Reaches $9.5 Billion in 2025 08:30 Morocco Tops Arab National Teams by Market Value at the 2026 FIFA World Cup 08:12 Venezuela’s Earthquake Death Toll Rises to 188 as Rescue Operations Continue 07:25 Press Review: Government, Transport, Diplomacy, and the 2026 World Cup Dominate the News 07:09 HM King Mohammed VI congratulates Nabil Fahmy on his election as Secretary-General of the Arab League 20:00 Russia Condemns UN Decision to Keep It on Child Rights Violations List in Ukraine 19:36 Samsung Named Morocco’s Most Admired Electronics Brand in Brand Africa Ranking 19:19 European Union Expands Financial Support for Ukraine Amid Rising Economic Pressures 19:00 Morocco Strengthens Its Role as a Strategic Trade Hub Between China, Africa, and Europe 18:46 US Economy Regains Momentum in Early 2026 Amid Stronger Growth Data 18:32 United States-Morocco: Washington Prepares a Strategic Military Partnership Until 2036 18:30 Ebola in the DRC: Morocco Strengthens MONUSCO's Efforts with Emergency Medical Aid 18:28 World Cup 2026: The Moroccan Embassy in Mexico Issues Practical Guide for Atlas Lions Supporters 18:25 IAEA expects inspections of Iran’s nuclear facilities under new framework agreement 18:13 Crédit du Maroc appoints Mehdi Qalbi to lead CDM Salaf to accelerate its development 18:08 Apple raises global product prices amid rising AI chip costs 17:52 Meta explores prediction markets with new Arena platform 17:33 Gold Price Decline Seen as Temporary Correction, Says World Gold Council 17:20 Royal Air Maroc launches special flights to Monterrey for Lions de l'Atlas supporters 17:17 Indonesia tightens cryptocurrency promotion rules for social media influencers 17:15 Earthquakes in Venezuela: UN Intensifies Support for Relief Operations 16:54 European rearmament plans face challenges despite rising defense spending 16:38 Washington rejects fees on international waterways amid Strait of Hormuz debate 16:16 Czech court orders inclusion of President Pavel in NATO summit delegation amid constitutional dispute 15:55 World Health Organization expects end of hantavirus outbreak by early July

Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation

Tuesday 16 December 2025 - 18:50
Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation

Microsoft has issued an urgent security advisory to address a severe remote code execution (RCE) vulnerability known as React2Shell, which affects React Server Components and several Next.js versions. The flaw, tracked as CVE-2025-55182, has been classified with the highest severity score of 10.0 and is already being exploited in large-scale attacks compromising both Windows and Linux systems.

Widespread exploitation across multiple actors

Within days of disclosure, cybersecurity teams detected widespread exploitation of React2Shell by state-linked and criminal groups. Multiple threat intelligence divisions confirmed that the attacks originated largely from China-based entities, including organized campaigns led by advanced threat actors. These groups rapidly exploited the vulnerability to deploy remote access tools, cryptocurrency miners, and credential-stealing malware across cloud and enterprise networks.

Analysts reported that affected systems were often used to harvest credentials from cloud environments such as Azure, Google Cloud Platform, Amazon Web Services, and Tencent Cloud. Cybercriminals have also been injecting malicious scripts into legitimate cryptocurrency websites, compromising users' wallets and tokens. Tools like TruffleHog and Gitleaks were detected scanning repositories for sensitive information, including API keys and Kubernetes credentials.

Strong mitigation urged amid active campaigns

Microsoft is urging all developers and organizations to update immediately to React versions 19.0.1, 19.1.2, or 19.2.1 and compatible Next.js versions now patched against the flaw. The company has enhanced detection capabilities within Microsoft Defender XDR and rolled out automatic protections to block active exploitation attempts. Azure Web Application Firewall users can also implement preconfigured rules to halt malicious traffic temporarily while updates are deployed.

Security teams are advised to prioritize patching internet-exposed systems, rotate compromised credentials, and verify the integrity of any impacted container or virtual machine environments. Microsoft Defender for Cloud has added scanning features to identify vulnerable assets rapidly, offering vital visibility for organizations responding to this urgent threat.

Keywords:



Latest News
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Microsoft urges a balanced approach to artificial intelligence and the future of work Business Microsoft urges a balanced approach to artificial intelligence and the future of work
Chevron and Microsoft bet on natural gas to power artificial intelligence data centers Technology Chevron and Microsoft bet on natural gas to power artificial intelligence data centers
New Windows Defender zero-day enables system privileges escalation Technology New Windows Defender zero-day enables system privileges escalation
Microsoft pushes in-house AI as Anthropic costs come under scrutiny Technology Microsoft pushes in-house AI as Anthropic costs come under scrutiny

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.