React2Shell Archives • Information Security News

UAT-10608 Collective Hijacked 700+ Next.js Servers in Hours NEXUS Listener Login Prompt

UAT-10608 Collective Hijacked 700+ Next.js Servers in Hours

ddos April 6, 2026

Cybersecurity specialists have chronicled a voluminous, automated campaign for credential harvesting that, within a mere matter of...

The RaaS Pivot: Pro-Iranian Hacktivists Abandon Sicarii for the BQTLock Extortion Engine

ddos March 17, 2026

Pro-Iranian ransomware syndicates are orchestrating a strategic pivot in their digital weaponry. Abandoning the Sicarii architecture, these...

The 48-Hour Window: Google’s H1 2026 Report Warns of “Spectrally Stealthy” Cloud Breaches

ddos March 11, 2026

According to a nascent dossier promulgated by Google Cloud, digital malefactors have commenced breaching cloud architectures almost...

The Invisible Proxy: How Hackers Are Weaponizing NGINX and Baota Panels to Hijack Web Traffic Radio Nordseewelle Attack Municipal cyberattack JLR Cyberattack German economy cyberattacks AI misuse Chinese APT GMX Hack Iran Cyber Threat, US Cyberattack Warning Pegasus spyware Jordan

Radio Nordseewelle Attack Municipal cyberattack JLR Cyberattack German economy cyberattacks AI misuse Chinese APT GMX Hack Iran Cyber Threat, US Cyberattack Warning Pegasus spyware Jordan

The Invisible Proxy: How Hackers Are Weaponizing NGINX and Baota Panels to Hijack Web Traffic

ddos February 6, 2026

Security analysts at Datadog have unmasked an ongoing traffic interception campaign targeting NGINX servers and hosting management...

Beyond the Shell: Critical React2Shell Exploit Hits Japan to Deploy Stealthy ZnDoor RAT South Korea Cyberattack BlackLock ransomware

Beyond the Shell: Critical React2Shell Exploit Hits Japan to Deploy Stealthy ZnDoor RAT

ddos December 19, 2025

Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell...

RondoDox Cryptominer LA Metro hack supply chain ransomware CentreStack LFI zero-day Airport PA Hacked Airport security Salesloft breach Bridgestone, cyberattack Nevada cyberattack TPG Telecom Data breach Traffic enforcement Airline Outage SharePoint Exploitation SharePoint Zero-Day Crypto Exchange Hack Solana Exploit Houken TeleMessage TM SGNL Mobile Security Salt Typhoon Kansas State University cyberattack

The Next Log4Shell? Global Hackers Weaponize React2Shell for RCE and Cloud Takeovers

ddos December 17, 2025

A critical vulnerability in the widely used JavaScript library React, dubbed React2Shell, is already being exploited at...

React2Shell Saga Continues: New DoS Flaw & Source Code Leak Discovered in React Server Components

ddos December 15, 2025

The long-running React2Shell saga—which has continued to disrupt many web projects—has taken another turn: it has emerged...

React2Shell Exploit: Critical RCE Flaw (CVSS 10.0) Under Active Attack with New Backdoors JLR Cyberattack Cost SK Telecom Data Breach Jaguar Land Rover WatchGuard RCE Asahi Super Dry Boyd Gaming Breach Airport cyberattack Jaguar Land Rover, Cyberattack npm attack Pix attack FreePBX zero-day Crypto Hack Federal Courts Data Breach NNSA Breach CrushFTP Zero-Day GMX Hack Resupply Exploit CVE-2023-22952 Humac Cyberattack

JLR Cyberattack Cost SK Telecom Data Breach Jaguar Land Rover WatchGuard RCE Asahi Super Dry Boyd Gaming Breach Airport cyberattack Jaguar Land Rover, Cyberattack npm attack Pix attack FreePBX zero-day Crypto Hack Federal Courts Data Breach NNSA Breach CrushFTP Zero-Day GMX Hack Resupply Exploit CVE-2023-22952 Humac Cyberattack

React2Shell Exploit: Critical RCE Flaw (CVSS 10.0) Under Active Attack with New Backdoors

ddos December 15, 2025

Immediately following the public disclosure of a critical vulnerability in React Server Components, threat actors began exploiting...

Next-Gen Malware: EtherRAT Uses Ethereum Smart Contract for Stealth C2 ShadowRay 2.0 Ransomware Negotiator Crime Magento zero-day South Korea cyberattack BatShadow Scattered Lapsus$ Hunters Keymous+ DDoS Data backup Military Cyber Warfare CVE-2025-42957 WOO X hack Crypto sanctions BlackSuit ShinyHunters Soldier Cybercrime North Korea Fraud Home Surveillance Hacks Microsoft Graph API Cybercriminals

ShadowRay 2.0 Ransomware Negotiator Crime Magento zero-day South Korea cyberattack BatShadow Scattered Lapsus$ Hunters Keymous+ DDoS Data backup Military Cyber Warfare CVE-2025-42957 WOO X hack Crypto sanctions BlackSuit ShinyHunters Soldier Cybercrime North Korea Fraud Home Surveillance Hacks Microsoft Graph API Cybercriminals

Next-Gen Malware: EtherRAT Uses Ethereum Smart Contract for Stealth C2

ddos December 13, 2025

The emergence of a new malicious tool within the React2Shell attack chain has become a notable development...

React2Shell Exploit: Botnets Target 150K+ Devices Daily with Node.js Flaw

ddos December 12, 2025

A newly discovered vulnerability in Node.js, designated CVE-2025-55182 and informally dubbed React2Shell, has become a favored weapon...

Cloudflare Outage Caused by Frantic Patching of Critical React2Shell (CVE-2025-55182) Flaw Cloud Configuration Outage Cloudflare Outage Post-quantum cryptography certificate misissuance Cloudflare Outage Cloudflare, Pay Per Crawl

Cloud Configuration Outage Cloudflare Outage Post-quantum cryptography certificate misissuance Cloudflare Outage Cloudflare, Pay Per Crawl

Cloudflare Outage Caused by Frantic Patching of Critical React2Shell (CVE-2025-55182) Flaw

ddos December 9, 2025

Cloudflare’s global infrastructure has suffered a second major outage in less than a month — and it...

China APTs Exploiting React Server RCE (CVE-2025-55182) Hours After Disclosure

ddos December 8, 2025

Two China-linked hacking groups began exploiting a critical vulnerability in React Server Components just hours after it...

React2Shell

The RaaS Pivot: Pro-Iranian Hacktivists Abandon Sicarii for the BQTLock Extortion Engine

The Invisible Proxy: How Hackers Are Weaponizing NGINX and Baota Panels to Hijack Web Traffic

Beyond the Shell: Critical React2Shell Exploit Hits Japan to Deploy Stealthy ZnDoor RAT

React2Shell Saga Continues: New DoS Flaw & Source Code Leak Discovered in React Server Components

React2Shell Exploit: Critical RCE Flaw (CVSS 10.0) Under Active Attack with New Backdoors

Next-Gen Malware: EtherRAT Uses Ethereum Smart Contract for Stealth C2

React2Shell Exploit: Botnets Target 150K+ Devices Daily with Node.js Flaw

Cloudflare Outage Caused by Frantic Patching of Critical React2Shell (CVE-2025-55182) Flaw

China APTs Exploiting React Server RCE (CVE-2025-55182) Hours After Disclosure

You may have missed

The War for Your Documents: Why The Document Foundation is Challenging Microsoft’s OOXML Monopoly

Urgent Patch: Microsoft Defender Update Fixes Critical SYSTEM-Level Privilege Escalation Flaw

The Pre-Boot Breach: Microsoft Releases Critical Emergency Script to Defend Against “YellowKey” BitLocker Bypass

The Reddit Clone: Meta Secretly Launches “Forum” App to Unbundle Facebook Groups