A newly identified exploit toolkit dubbed ILOVEPOOP is actively weaponizing CVE-2025-55182, also known as “React2Shell,” to scan and target vulnerable Next.js and React Server Components (RSC) environments. The findings come from the WXA Internet Abuse Signal Collective (WXA IASC), which correlated NetFlow telemetry, honeypot data, and enrichment datasets to map the infrastructure behind the campaign. […] The post React2Shell Flaw Weaponized by ILOVEPOOP Attack Framework appeared first on Cyber Security News.