React Server Components (RSC) and Server Functions in React 19 are at the center of a new critical vulnerability, CVE‑2025‑55182 , widely referred to as React2Shell . The issue is rated CVSS 10.0  and allows an unauthenticated remote attacker to achieve remote code execution (RCE)  on servers handling RSC traffic. In this post we’ll briefly cover the impact, who is affected, what you should do now, and how open-appsec and CloudGuard WAF (open-appsec's enterprise edition) provide preemptive...

On March 24, 2025, WIZ Research disclosed critical vulnerabilities in the Kubernetes Ingress NGINX Controller that allow unsanitized user...

This article describes how we tested the efficacy of several leading WAF solutions in real-world conditions and the test's striking results.