LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability

LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell ...
MIT Technology Review

The Download: an AI agent’s hit piece, and preventing lightning

Scott Shambaugh didn’t think twice when he denied an AI agent’s request to contribute to matplotlib, a software library he helps manage. Then things got weird.
Fox News

Women's sports activists react after boxer Imane Khelif makes confession about biological sex

Boxer Imane Khelif admitted to having the SRY gene, located on the Y chromosome, which is found in biological males, and undergoing hormone treatments to lower testosterone levels ahead of the 2024 ...
New York Daily News

After Mamdani’s snow day plug, ‘Heated Rivalry’ book downloads surge at NY Public Library

The racy book series behind HBO’s smash “Heated Rivalry” got a major Mamdani bump in readership over the weekend — after the mayor recommended snowed-in New Yorkers download one of the hot-and-heavy ...
Chicago Tribune

‘Heated Rivalry’ book downloads surge at NY Public Library after Mayor Zohran Mamdani’s snow day plug

The racy book series behind HBO’s smash “Heated Rivalry” got a major Mamdani bump in readership over the weekend — after the mayor recommended snowed-in New Yorkers download one of the hot-and-heavy ...
The New York Times

After Mamdani Nods to ‘Heated Rivalry,’ Library E-Book Downloads Surge

As a snowstorm arrived, Mayor Zohran Mamdani reminded New Yorkers that they could access the romance series that inspired the TV show through their public library. By Liam Stack Liam Stack has watched ...
cryptonews

Major JavaScript Library Breach Puts All Crypto Websites at Risk

Critical React Server Components flaw enables remote code execution, prompting urgent crypto industry warnings as attackers exploit CVE-2025-55182 to drain wallets and deploy malware across vulnerable ...
financefeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers have exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on cryptocurrency platforms. The React team released a patch on ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

A remote code execution (RCE) vulnerability in the React JavaScript library, which earlier today caused disruption across the internet as Cloudflare pushed mitigations live on its network, is now ...
Dark Reading

React2Shell Vulnerability Under Attack From China-Nexus Groups

A critical vulnerability affecting the popular open source JavaScript library React is under attack — by none other by Chinese nation-state threat actors. CVE-2025-55182, which was disclosed Wednesday ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...