Tag: Next.js
-

Open Proxy Risk: High-Severity Next.js SSRF Flaw Exposes Cloud Metadata Endpoints
The Next.js framework has patched a critical security vulnerability, tracked as CVE-2026-44578, which affects applications deployed on self-hosted infrastructure using the embedded Node.js server runtime. The flaw is a Server-Side Request Forgery (SSRF) vector, a vulnerability class that lets an attacker make the vulnerable host issue arbitrary requests to internal or…
-

The AI Weak Link: How a Third-Party Breach Exposed Vercel Customer Secrets
April ended for the American firm Vercel with a troubling incident that quickly grew beyond a mere internal complication. Attackers gained unauthorized access to part of the company’s infrastructure, and with it, to a collection of proprietary customer data. Vercel is a leading cloud platform dedicated to…
-

UAT-10608 Collective Hijacked 700+ Next.js Servers in Hours
Cybersecurity specialists have documented a large, automated credential-harvesting campaign that, within a matter of hours, hit hundreds of servers across the globe. The operation ran with minimal human intervention, exploiting a vulnerability in widely used web applications to turn them into sources of confidential data. The Cisco Talos team has identified the…
-
The Crash Code: Node.js Issues Critical Fix for Framework-Breaking DoS Flaw
The Node.js development team has released critical security updates to mitigate a high-severity vulnerability capable of causing a denial-of-service (DoS) condition across the vast majority of production environments. The core of the issue lies in the incorrect handling of stack overflows when the async_hooks module—a mechanism essential for tracking the lifecycle of asynchronous operations—is…
-

Beyond the Shell: Critical React2Shell Exploit Hits Japan to Deploy Stealthy ZnDoor RAT
Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell (CVE-2025-55182)—a remote code execution vulnerability in React/Next.js that already has a public proof of concept and is now being abused at scale against web services. In many incidents, attackers deploy familiar payloads such as cryptocurrency miners, but in…
-

The Next Log4Shell? Global Hackers Weaponize React2Shell for RCE and Cloud Takeovers
A critical vulnerability in the widely used JavaScript library React, dubbed React2Shell, is already being exploited at scale. According to Google, at least five newly identified Chinese espionage groups, “Iran-linked” threat actors, and common cybercriminals have joined the wave of attacks. Tracked as CVE-2025-55182, the flaw allows an unauthenticated attacker to remotely execute code on…
-

React2Shell Saga Continues: New DoS Flaw & Source Code Leak Discovered in React Server Components
The long-running React2Shell saga—which has continued to disrupt many web projects—has taken another turn: it has emerged that the original fix was incomplete. A deeper review uncovered two additional vulnerabilities in the React Server Components implementation and assigned a separate identifier to the earlier shortcoming. Liz Herder of the Vercel team reported that the newly…
-

React2Shell Exploit: Critical RCE Flaw (CVSS 10.0) Under Active Attack with New Backdoors
Immediately following the public disclosure of a critical vulnerability in React Server Components, threat actors began exploiting it in attacks against organizations across multiple industries. The Huntress team reports that the flaw is an unauthenticated remote code execution (RCE) vulnerability, enabling attackers to run arbitrary code via a single, specially crafted HTTP request. The vulnerability…