Chrome Fortifies AI Defenses, North Korean Actors Exploit React2Shell

This newsletter is AI-generated and may sometimes hallucinate 😊

Google Chrome Adds Layered Defenses Against Indirect Prompt Injection

  • Google has implemented new layered defenses in Chrome to mitigate indirect prompt injection threats that target AI-powered features integrated within the browser.
  • These protections, detailed in a recent research paper, utilize techniques like “AI-enhanced parsing” and “trust boundaries” to prevent malicious web content from manipulating browser-integrated AI models.
  • The initiative aims to isolate user-generated prompts from potentially adversarial content on web pages, ensuring AI responses are based on trusted input and not surreptitiously influenced.

Source: The Hacker News | Date: December 11, 2025

North Korea-Linked Actors Exploit React2Shell to Deploy EtherRAT Malware

  • North Korea-linked threat actors, specifically the ScarCruft group (aka APT37), are actively exploiting a web application vulnerability dubbed “React2Shell” to deploy new EtherRAT malware.
  • The React2Shell flaw, often stemming from Server-Side Template Injection (SSTI) and similar web application weaknesses, allows remote code execution by manipulating templates in web applications that browsers interact with.
  • Security tools like Burp Suite have integrated detection capabilities for React2Shell vulnerabilities, enabling developers to identify and remediate these critical web application flaws and protect against such campaigns.

Source: The Hacker News | Date: December 11, 2025

References

  1. Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats - The Hacker News
  2. North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware - The Hacker News
  3. North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks - BleepingComputer
  4. Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities - Cybersecurity News
