
Fake GitHub Scanner for CVE-2025-55182 (React2Shell) Distributes Malware Targeting Developers
A malicious GitHub repository has been identified posing as a vulnerability scanner for CVE-2025-55182, dubbed "React2Shell." The repository claims to detect a critical vulnerability affecting React applications but actually distributes malware designed to execute arbitrary code on infected systems. The campaign specifically targets developers and security researchers interested in this purported vulnerability, which appears to be fabricated, as no official documentation exists for CVE-2025-55182.

This incident highlights the ongoing risk of supply chain attacks via open-source platforms, where threat actors exploit trust in community-driven development. The malware's capabilities include remote code execution, potentially leading to system compromise, data exfiltration, or further lateral movement within networks.

Security professionals should exercise extreme caution when using tools from unverified sources, particularly those claiming to address unpublished vulnerabilities. Always validate repository authenticity through commit history, contributor activity, and community feedback before execution.
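
One way to apply the commit-history and contributor-activity checks to a local clone before running anything from it. This is an added example, not code from the original report or from the repository it describes; the thresholds, function names and sample log are constructed assumptions, and community feedback is not covered.

```python
import subprocess
import sys
import time

# Thresholds are illustrative assumptions, not established cut-offs.
MIN_COMMITS, MIN_AUTHORS, MIN_AGE_DAYS = 5, 2, 30

# Constructed sample of `git log --format=%H|%ae|%at` output (not real data).
SAMPLE_LOG = """\
a1b2c3|dev@example.invalid|1765000000
d4e5f6|dev@example.invalid|1764990000
"""

def read_log(repo_path):
    """Return hash|author-email|author-time lines for a local clone."""
    cmd = ["git", "-C", repo_path, "log", "--format=%H|%ae|%at"]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

def triage_history(log_text, now):
    """Summarise commit history and flag signs of a throwaway repository.

    Author dates are set by whoever commits and can be backdated, so an
    empty flag list means these signals are absent, not that the code is safe.
    """
    emails, times = set(), []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, rest = line.split("|", 1)          # drop the commit hash
        email, stamp = rest.rsplit("|", 1)    # tolerate '|' inside an email
        emails.add(email.lower())
        times.append(int(stamp))
    if not times:
        return {"commits": 0, "authors": 0, "age_days": 0,
                "flags": ["no commit history"]}
    age_days = (now - min(times)) // 86400
    flags = []
    if len(times) < MIN_COMMITS:
        flags.append(f"only {len(times)} commits")
    if len(emails) < MIN_AUTHORS:
        flags.append(f"only {len(emails)} author identity")
    if age_days < MIN_AGE_DAYS:
        flags.append(f"first commit {age_days} days ago")
    return {"commits": len(times), "authors": len(emails),
            "age_days": age_days, "flags": flags}

if __name__ == "__main__":
    text = read_log(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_LOG
    print(triage_history(text, int(time.time())))
```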