Our network scanning and package scanning both caught this.

Not to be flippant, but if you host Server Side Rendered react on the public internet and you're just hearing about this now, that's a skill issue.

No one off of HN? (624 points, 267 comments) https://news.ycombinator.com/item?id=46136026

Nice AI slop.

Considering the scant or nonexistent details of what allegedly happened to the author, and the listicle of generic information about this vulnerability, I'm sure this didn't even happen, at least not to the author.

Posted on Medium by an account whose only other article is an AI slop article about MCP. Profile picture is AI as well.

AI slop article, author doesn’t even attempt to hide it.