InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

JavaScript: React moves to its own foundation under the Linux Foundation

The JavaScript library is now under the umbrella of the Linux Foundation, a new foundation takes over ownership and will organize governance in the future.

Jonathan Kuminga shines in his Atlanta debut after trade by the Warriors

After riding the bench in Golden State, Jonathan Kuminga finally got a chance to shine for the Atlanta Hawks. He sure made ...

No. 24 Wisconsin moves back into Top 25 by displaying a knack for beating Big Ten’s best teams

The Wisconsin men's basketball team entered 2026 lacking quality wins and needing to upgrade its NCAA Tournament resume in a hurry.

Video: Dam opened for first time in a century after winter storms filled reservoir

Following a winter of storms the Los Caballeros dam in southern Spain was forced to release water on today for the first time in more than a century, after its reservoir edged 100% capacity.
IEEE

REACT: Remainder Adaptive Compensation for Domain Adaptive Object Detection

Abstract: Domain adaptive object detection (DAOD) aims to infer a robust detector on the target domain with the labelled source datasets. Recent studies utilize a feature extractor shared on the ...
CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

A critical vulnerability in React Server Components is being actively exploited by multiple threat groups, putting thousands of websites — including crypto platforms — at immediate risk with users ...
Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...
SecurityWeek

Exploitation of React2Shell Surges

An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. An increasing number of threat actors have been attempting to exploit the ...
The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) ...