React2Shell (CVE-2025-55182), 41% of Infostealer Victims Infected by Video Game Files

On this episode of Leaky Weekly, host and security researcher Nick Ascoli discusses findings from Flare Research including:

• React2Shell (CVE-2025-55182) vulnerability and threat actor chatter
• Findings from analysis of 50,000 stealer log infections

He also mentions instructions for a giveaway for CTF players who would like another shot at unlocking a shirt from a past challenge…

Here are the resources on the stories:

• React2Shell Detailed Report (Lachlan Davis) http://react2shell.com
• React2Shell (CVE-2025-55182): A Critical RCE in React Server Components (Flare): https://flare.io/learn/resources/blog/react2shell-cve-2025-55182/?utm_source=Social&utm_medium=Flare+Podcast&utm_campaign=Leaky+Weekly&utm_content=E18
• How Gamers Became Cybercrime’s Favorite Target: Analysis of 50,000 Infostealer Infections (Flare): https://flare.io/learn/resources/cybercrime-favorite-target-gamers/?utm_source=Social&utm_medium=Flare+Podcast&utm_campaign=Leaky+Weekly&utm_content=E18

Brought to you by Flare, Threat Exposure Management solution and industry-leading dataset on cybercrime that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization: https://try.flare.io/free-trial/?utm_source=Social&utm_medium=Flare+Podcast&utm_campaign=Leaky+Weekly&utm_content=E18

Check out Flare Academy: https://flare.io/flare-academy/?utm_source=Social&utm_medium=Flare+Podcast&utm_campaign=Leaky+Weekly&utm_content=E18

• Our free training series led by experts on critical topics such as threat intelligence, operational security, and advanced investigation techniques (earn CPE credits towards cybersecurity certifications)
• Our Discord community is a space to learn from and with cybersecurity professionals (including Nick!) and students, check out previous training resources, and keep up with upcoming training