The Protocol: Bug that can drain all your tokens impacting 'thousands' of sites

Network News - A critical vulnerability in React Server Components, tracked as CVE-2025-55182 and nicknamed React2Shell, is actively exploited by multiple threat groups, putting thousands of websites, including crypto platforms, at risk of having users' assets drained [1] - The flaw allows attackers to execute code remotely on affected servers without authentication, with widespread exploitation observed shortly after its disclosure [1] - The bug affects React versions 19.0 through 19.2.0, including packages used by popular frameworks such as Next.js, and merely having the vulnerable packages installed can allow exploitation [1] Ripple Developments - Ripple is expanding its U.S. dollar-backed stablecoin, RLUSD, to Ethereum layer-2 (L2) blockchains, including Optimism, Coinbase's Base, Kraken's Ink, and Uniswap's Unichain, aiming to deepen its integration into the multichain ecosystem [2] - The company is starting with a test phase ahead of a wider rollout expected next year, pending regulatory approval from the New York Department of Financial Services (NYDFS) [2] - The pilot integrates Wormhole's Native Token Transfers (NTT) standard, allowing RLUSD to move natively across chains without wrapping or synthetic assets, which helps maintain liquidity and regulatory control [2]