React Server Components
The Protocol: Bug that can drain all your tokens impacting 'thousands' of sites
Yahoo Finance· 2025-12-17 16:20
Network News
- A critical vulnerability in React Server Components, tracked as CVE-2025-55182 and nicknamed React2Shell, is being actively exploited by multiple threat groups, putting thousands of websites, including crypto platforms, at risk of having users' assets drained [1]
- The flaw allows attackers to execute code remotely on affected servers without authentication; widespread exploitation was observed shortly after disclosure [1]
- The bug affects React versions 19.0 through 19.2.0, including the packages used by popular frameworks such as Next.js, and merely having the vulnerable packages installed can allow exploitation [1]

Ripple Developments
- Ripple is expanding its U.S. dollar-backed stablecoin, RLUSD, to Ethereum layer-2 (L2) blockchains, including Optimism, Coinbase's Base, Kraken's Ink, and Uniswap's Unichain, aiming to deepen its integration into the multichain ecosystem [2]
- The company is starting with a test phase ahead of a wider rollout expected next year, pending regulatory approval from the New York Department of Financial Services (NYDFS) [2]
- The pilot uses Wormhole's Native Token Transfers (NTT) standard, which lets RLUSD move natively across chains without wrapped or synthetic assets, helping to maintain liquidity and regulatory control [2]
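Because the article's point is that merely having an affected package installed is enough, the practical check is over the full installed tree, not just the direct dependencies in package.json. The following is an added example written for this page, not code from the article or from the React project: it scans an npm lockfile (lockfileVersion 2 or 3, which carries a "packages" map keyed by install path, nested copies included) for packages in the 19.0.0 through 19.2.0 range the article reports. The "react" name comes from the article; checking the react-server-dom-* family as well is this example's assumption, made because the article places the bug in React Server Components. The sample lockfile is constructed for illustration.

```javascript
// Added example, not code from the article or the React project: scan an npm
// lockfile (lockfileVersion 2 or 3, "packages" map keyed by install path) for
// React-family packages whose installed version falls in the range the article
// reports as affected, 19.0.0 through 19.2.0 inclusive. Nested copies under
// other packages' node_modules are included on purpose, because the article's
// point is that merely having the package installed is enough.

const AFFECTED_MIN = [19, 0, 0]; // from the article
const AFFECTED_MAX = [19, 2, 0]; // from the article (inclusive)

// Package names to check. "react" comes from the article; the
// react-server-dom-* family is this example's assumption, chosen because the
// article places the bug in React Server Components.
const WATCHED = [/^react$/, /^react-server-dom-/];

// "19.2.0" or "19.2.0-canary-abc" -> [19, 2, 0]; anything else -> null
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

function isAffectedVersion(version) {
  const parsed = parseVersion(version);
  return parsed !== null &&
    compareVersions(parsed, AFFECTED_MIN) >= 0 &&
    compareVersions(parsed, AFFECTED_MAX) <= 0;
}

// Lockfile keys look like "node_modules/react" or
// "node_modules/next/node_modules/react-server-dom-webpack"; scoped packages
// take two path segments ("node_modules/@scope/name").
function packageNameFromPath(path) {
  const parts = path.split('/');
  const idx = parts.lastIndexOf('node_modules');
  if (idx === -1 || idx === parts.length - 1) return null;
  const rest = parts.slice(idx + 1);
  return rest[0].startsWith('@') ? rest.slice(0, 2).join('/') : rest[0];
}

// Returns every watched package in the affected range, with its install path.
function findAffected(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = packageNameFromPath(path);
    if (!name || !meta || typeof meta.version !== 'string') continue;
    if (!WATCHED.some((re) => re.test(name))) continue;
    if (isAffectedVersion(meta.version)) {
      hits.push({ path, name, version: meta.version });
    }
  }
  return hits;
}

// For a real project: findAffectedInFile('package-lock.json').
function findAffectedInFile(filePath) {
  const fs = require('fs');
  return findAffected(JSON.parse(fs.readFileSync(filePath, 'utf8')));
}

// Constructed sample lockfile (not from any real project): a direct copy of
// react, a nested server-components package, and an unaffected 18.x copy.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/react': { version: '19.2.0' },
    'node_modules/react-dom': { version: '19.2.0' },
    'node_modules/next': { version: '15.0.0' },
    'node_modules/next/node_modules/react-server-dom-webpack': { version: '19.1.0' },
    'node_modules/some-lib/node_modules/react': { version: '18.3.1' },
  },
};

for (const h of findAffected(SAMPLE_LOCK)) {
  console.log(`affected: ${h.name}@${h.version} (${h.path})`);
}
```

On the sample it reports the top-level react 19.2.0 and the react-server-dom-webpack 19.1.0 that is nested under next, and ignores the 18.3.1 copy. Run it against a project with findAffectedInFile('package-lock.json'); a hit that appears only in a nested copy is exactly the case a glance at package.json would miss.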
Cloudflare badly burned by React! Second "crash" in two weeks: a 15-year-old piece of dormant code KOs the global internet in one blow
程序员的那些事· 2025-12-06 14:58
Core Insights
- Cloudflare experienced a major outage affecting 28% of global websites, caused by internal errors rather than an external attack; it was the second such incident in two weeks [2][3]

Group 1: Incident Details
- The December 5 outage was triggered by Cloudflare's attempt to address a serious vulnerability in React Server Components, and resulted in HTTP 500 errors [2]
- The trigger was the combination of expanding the WAF buffer and disabling an internal testing tool, which exposed a long-dormant Lua bug in the old FL1 proxy [2][3]
- The affected customers were those still served by the old proxy with managed rule sets, which accounted for a significant share of traffic [3]

Group 2: Systemic Issues
- The incident highlighted the risk of legacy code: the Lua code, dating from 2009, could not be fully retired, so the bug was able to resurface years later [3]
- Cloudflare's new FL2 proxy, rewritten in Rust, does not share these issues, pointing to the need for modernization [3]
- The company has committed to freezing all network changes and prioritizing improvements to its release process and emergency response capabilities [3]

Group 3: Broader Implications
- The repeated incidents underscore a critical challenge for internet infrastructure: preventing updates from causing outages is becoming more urgent than merely defending against attacks [3]