<ciso brief/>
Tag Banner

All news with #jackpot panda tag

all tags →

Fri, December 5, 2025

Chinese Threat Actors Rapidly Exploit React2Shell Flaw

#Active Exploitation #RCE #Zero-Day #Patch #AWS #React #Earth Lamia #Jackpot Panda

⚠️ Within hours of public disclosure, two China-linked groups began exploiting the newly disclosed CVE-2025-55182 (React2Shell) remote code execution flaw in React Server Components. AWS telemetry from MadPot honeypots attributes activity to Earth Lamia and Jackpot Panda, showing attempts to run discovery commands such as "whoami", write files like "/tmp/pwned.txt", and read sensitive files such as "/etc/passwd". Vendors addressed the bug in React 19.0.1, 19.1.2, and 19.2.1, but attackers are concurrently scanning for other N-day flaws.

read more →