Monthly Archive

React2Shell (CVSS 10.0): Patch React & Next.js NOW | Unauth RCE Explained

Feb 27, 2026 By Sysdig In Sysdig

A maximum-severity vulnerability is hitting React Server Components - and if you're running Next.js, you may be vulnerable by default. React disclosed CVE-2025-55182, nicknamed React2Shell, an unauthenticated remote code execution (CVSS 10.0) affecting React Server Components via the Flight protocol. Next.js tracks downstream exposure as CVE-2025-66478: That means internet-wide scanning is likely. Who’s affected?

View Video

Sysdig

Read more about React2Shell (CVSS 10.0): Patch React & Next.js NOW | Unauth RCE Explained

New #cve in #react and #nextjs needs a #patch #devsecops #vulnerabilitymanagement #reactredux

Feb 26, 2026 By Sysdig In Sysdig

View Video

Sysdig

Read more about New #cve in #react and #nextjs needs a #patch #devsecops #vulnerabilitymanagement #reactredux

Vibe Coding & AI Coding Assistants: Who Secures AI-Generated Code?

Feb 12, 2026 By Sysdig In Sysdig

84% of developers are using or planning to use AI tools in their workflow (Stack Overflow, 2025). AI coding assistants like Codex, GitHub Copilot, and CodeWhisperer are changing how we build software. But here’s the real question: Who secures AI-generated code? In this video, we break down: If you’re using AI to write code, you need: AI-generated code is still code. It must be reviewed, validated, and monitored.

View Video