© 2026 Hashnode
Executive Summary On one of our AWS EC2 servers running a Next.js development environment, we discovered an active exploitation of the React2Shell vulnerability (CVE-2025-55182 / CVE-2025-66478). The attacker successfully installed cryptocurrency min...

As an authorized junior developer I was assigned a pentesting task. Something new with not much expertise, however problem-solving from computer science field got my back. Spoiler: the vulnerability was already patched. I just didn't know it yet. Th...
