InfoWorld

Hands-on with React Server Components

Unlike server-side rendering, React Server Components aim to fully replace client-side functionality with work done on the server. Let’s see how this works. React remains a flagship among front-end ...
Business Insider

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

TORRANCE, Calif., Dec. 12, 2025 (GLOBE NEWSWIRE) -- In December 2025, the critical React Server Components (RSC) vulnerability known as React2Shell (CVE-2025-55182) was publicly disclosed, revealing a ...
InfoWorld

The best new features in Next.js 13

Next.js 13 brings a slew of new features, including the new Turbopack bundler, support for React Server Components, and more. Let's get started with Next.js 13. Next.js is like React with benefits, in ...
Digit

Cloudflare says its WAF is already protecting users from new React security flaws: Here what it means

The world is in shock as one of the most widely used JavaScript libraries just announced that they have discovered a security issue in the React Server Components, which are one of the most commonly ...
NextBigFuture

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly disclosed. Shortly after publication, multiple ...
Ars Technica

Admins and defenders gird themselves against maximum-severity server vuln

Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...
Fireship on MSN

React developers are in a civil war and Next.js is watching

React used to be simple, fun, and mostly predictable. Somewhere along the way, it grew server components, suspense, and a dependency on vibes. Developers are now split between those who want ...