Critical CVE in React Server Components Actively Exploited

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

Critical CVE in React Server Components Actively Exploited
CVE-2025-55182
A newly disclosed vulnerability in React Server Components (RSC) dubbed as CVE-2025-55182, and also known as React2Shell, has introduced a severe remote code execution (RCE) vector impacting applications built with React 19 and frameworks that rely heavily on RSC, most notably Next.js.
Read more
Popular Posts
From Prompt to Production: Runtime Protection for AI Workloads
From Prompt to Production: Runtime Protection for AI Workloads thumbnail
Securing LLM Apps with Aqua: Beyond the OWASP Checklist
Securing LLM Apps with Aqua: Beyond the OWASP Checklist thumbnail
MCP to Agentic AI: Shaping AI Security for What’s Next
MCP to Agentic AI: Shaping AI Security for What’s Next thumbnail
AI-Generated Malware in Panda Image Hides Persistent Linux Threat
AI-Generated Malware in Panda Image Hides Persistent Linux Threat thumbnail
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
Security Threat
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources thumbnail
CONTAINER SECURITY UNBOXED
How to Set Up Runtime Protection Against Malware Like Kaiji
Kaiji has been exploiting Linux-based servers and IoT devices for years. But what started as a relatively straightforward threat has evolved to become dramatically more sophisticated, employing stealthy persistence measures to stay hidden and stay planted. When dealing with a threat like Kaiji, it’s important that defenders keep pace with the tactics employed. Aqua’s Runtime …
Read more
RUNTIME SECURITY
Selective Memory Dump Technique for Deeper Container Forensic Analysis
Every attack leaves a trail, but in containerized environments, that trail can vanish before you even realize you have been attacked. Containers are short-lived, and attackers exploit this by executing malware in memory, loading hidden payloads, or deploying rootkits, then silently modifying or deleting evidence to cover their tracks. By the time security teams are …
Read more
Subscribe to Aqua Blog
AI SECURITY
Aqua at KubeCon 2025: Securing Cloud Native and AI Apps
Every KubeCon tells a story about where the cloud native world is headed. In 2025, that story is about the evolution of AI from a bad movie script to a core part of enterprise solutions. Cloud native applications and artificial intelligence are now part of the same conversation, with security emerging as the vital connection …
Read more
Aqua Trivy
Security That Speaks Your Language: Trivy MCP Server
What if checking your project for vulnerabilities was as simple as asking a question? Or if your coding AI agent could automatically run a scan every time you changed a Dockerfile? The new Trivy MCP Server makes all that possible, and more.
Read more
SECURITY RESEARCH
Kaiji Malware: Anatomy, Persistence and Detection
Kaiji malware has emerged as a significant threat in recent years, particularly targeting Linux-based servers and IoT devices. This malware is designed to exploit internet connected services and devices to gain unauthorized access to systems. Once inside, Kaiji establishes persistence through various techniques, including creating system services and modifying system configurations.
Read more
AI SECURITY
Aqua Secure AI Wins AI Cybersecurity Solution of the Year
AI applications are at tremendous risk. The complex chain of different components that AI applications depend on to truly push the boundaries of innovation is also what dramatically increases their attack surface, leaving them vulnerable to attackers.
Read more
CONTAINER SECURITY UNBOXED
How to Set Up Runtime Defense Against Threats Like Gafgyt
One of the latest variants of Gafgyt targets Linux-based systems with weak SSH passwords to ultimately install cryptocurrency miners. Aqua Runtime Protection is particularly effective at defending against this variant’s use of fileless execution and its cryptomining payload, enabling enterprises to protect their critical AI infrastructure. Step-by-Step Guide 1. Create a Runtime Policy Log in …
Read more
AI SECURITY
Secure AI Infrastructure On-Premises from Day One
Your company rolls out a new claims system powered by AI. It is fast, efficient, and customers love the experience. Then one day, a single malicious input slips through. The model is tricked into revealing sensitive records, or a workload spins out of control and consumes expensive GPU cycles. What began as a breakthrough quickly …
Read more
AI SECURITY
Navigating the OWASP LLM and GenAI Security Landscape
The rush to adopt generative AI has created an explosion of new security tools targeting different aspects of an increasingly complex landscape. Every week, a solution promises to stop prompt injection, prevent data leakage, or harden models against attack. For security leaders, it can feel overwhelming. Which solutions matter, how do they fit together, and …
Read more
AI SECURITY
Why AI-SPM Alone is Not Enough to Secure AI Workloads
From writing code to serving customers, companies worldwide are capitalizing on AI to enhance their applications and business processes. But this boom is poised to turn into a bust if security can’t keep pace with AI adoption. And make no mistake: LLMs and AI services, whether they are consumed by the application or hosted and …
Read more
CONTAINER SECURITY
A Brief History of Containers: From the 1970s Till Now
When we first published this blog post in 2017, the technology landscape for containers was quite different than it is today. Over the past few years, we have seen significant changes take place that have affected, and continue to affect how Containers are adopted. Read on to understand the changes and developments we saw and …
Read more
Page 1 of 3912345Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Policy | Your Privacy Choices |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links