Cybersecurity specialists have chronicled a voluminous, automated campaign for credential harvesting that, within a mere matter of hours, besieged hundreds of servers across the globe. The offensive unfolded with minimal human intervention, preying upon...
Pro-Iranian ransomware syndicates are orchestrating a strategic pivot in their digital weaponry. Abandoning the Sicarii architecture, these factions have commenced a mass migration toward the BQTLock infrastructure. This exodus is accompanied by a fervent...
According to a nascent dossier promulgated by Google Cloud, digital malefactors have commenced breaching cloud architectures almost instantaneously following the public disclosure of vulnerabilities. Whereas the interlude between a flaw’s revelation and the inaugural...
Security analysts at Datadog have unmasked an ongoing traffic interception campaign targeting NGINX servers and hosting management interfaces, most notably the Baota panel prevalent throughout Asia. Adversaries are surreptitiously embedding deleterious directives into server...
Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell (CVE-2025-55182)—a remote code execution vulnerability in React/Next.js that already has a public proof of concept and is...
A critical vulnerability in the widely used JavaScript library React, dubbed React2Shell, is already being exploited at scale. According to Google, at least five newly identified Chinese espionage groups, “Iran-linked” threat actors, and common...
The long-running React2Shell saga—which has continued to disrupt many web projects—has taken another turn: it has emerged that the original fix was incomplete. A deeper review uncovered two additional vulnerabilities in the React Server...
Immediately following the public disclosure of a critical vulnerability in React Server Components, threat actors began exploiting it in attacks against organizations across multiple industries. The Huntress team reports that the flaw is an...
The emergence of a new malicious tool within the React2Shell attack chain has become a notable development amid the surge of compromises that followed the disclosure of CVE-2025-55182. This time, the activity goes far...
A newly discovered vulnerability in Node.js, designated CVE-2025-55182 and informally dubbed React2Shell, has become a favored weapon of botnets within mere days of its disclosure. Operators are now launching widespread attacks against vulnerable web...
Two China-linked hacking groups began exploiting a critical vulnerability in React Server Components just hours after it became public. The flaw — CVE-2025-55182, rated a maximum 10 — has already been dubbed React2Shell and...
