AWS Updates - 2025-12-05

AWS Security Blog

China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)

• Link: https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/
• Published: 2025-12-05

December 29, 2025: The blog post was updated to add options for AWS Network Firewall. December 12, 2025: The blog post was updated to clarify when customers need to update their ReactJS version. Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, Amazon threat intelligence teams observed active exploitation attempts by […]