React2Shell Archives • Daily CyberSecurity

AI in the Driver’s Seat: How the ‘Bissa’ Scanner Hijacked 900+ Firms in Weeks AI-Assisted Exploitation Bissa Scanner

AI in the Driver’s Seat: How the ‘Bissa’ Scanner Hijacked 900+ Firms in Weeks

Ddos April 24, 2026

Researchers from The DFIR Report recently discovered an exposed command-and-control server that provided a rare look into...

UAT-10608 Uses a Next.js “React2Shell” Flaw to Map Your Entire Cloud NEXUS Listener React2Shell Vulnerability

UAT-10608 Uses a Next.js “React2Shell” Flaw to Map Your Entire Cloud

Ddos April 7, 2026

Cisco Talos has revealed a major automated credential harvesting campaign, tracked as UAT-10608, that has already compromised...

Suspected North Korean Actors Target the Cryptocurrency Supply Chain AWS Kill Chain React2Shell

Suspected North Korean Actors Target the Cryptocurrency Supply Chain

Ddos March 5, 2026

Cybersecurity researchers at Ctrl-Alt-Intel have released a detailed investigation into a systematic campaign targeting the heart of...

The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell

Ddos February 12, 2026

A new class of cyberattack has been caught in the wild, one where the code isn’t written...

“Sliver” in the Stack: Exposed Logs Reveal Targeted FortiWeb Exploitation Campaign Sliver C2, React2Shell (CVE-2025-55182)

“Sliver” in the Stack: Exposed Logs Reveal Targeted FortiWeb Exploitation Campaign

Ddos January 5, 2026

A sophisticated threat actor has been caught leveraging exposed logs and databases to orchestrate a targeted campaign...

“RondoDoX” Strikes Back: Exposed Logs Reveal Massive 9-Month Campaign Targeting Next.js and IoT AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

“RondoDoX” Strikes Back: Exposed Logs Reveal Massive 9-Month Campaign Targeting Next.js and IoT

Ddos December 31, 2025

The RondoDoX botnet has resurfaced with a potent new arsenal, shifting its sights from simple routers to...

Operation PCPcat: 60,000 Next.js Servers Hijacked in Just 48 Hours Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Operation PCPcat: 60,000 Next.js Servers Hijacked in Just 48 Hours

Ddos December 24, 2025

A highly automated and ruthlessly efficient cyber-espionage campaign is tearing through the cloud infrastructure of modern web...

“React2Shell” Exploited: New EtherRAT Malware Hunts for Crypto via Node.js NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

“React2Shell” Exploited: New EtherRAT Malware Hunts for Crypto via Node.js

Ddos December 23, 2025

A new, sophisticated malware campaign is sweeping across the internet, leveraging a recently disclosed vulnerability to install...

React2Shell: Max-Score RCE (CVSS 10.0) Triggers Widespread Exploitation by Espionage Groups & Miners React2Shell RCE, Widespread Exploitation

React2Shell: Max-Score RCE (CVSS 10.0) Triggers Widespread Exploitation by Espionage Groups & Miners

Ddos December 13, 2025

The cybersecurity landscape was jolted this month by the disclosure of a catastrophic vulnerability in one of...

“React2Shell” Crisis: Critical Vulnerability Triggers Global Cyberattacks by State-Sponsored Groups React2Shell RCE, Flight Protocol Deserialization

React2Shell RCE, Flight Protocol Deserialization

“React2Shell” Crisis: Critical Vulnerability Triggers Global Cyberattacks by State-Sponsored Groups

Ddos December 11, 2025

A critical security flaw in the popular React web framework has ignited a wave of cyberattacks, with...

EtherRAT Malware Hijacks Ethereum Blockchain for Covert C2 After React2Shell Exploit EtherRAT C2 Blockchain, React2Shell DPRK

EtherRAT Malware Hijacks Ethereum Blockchain for Covert C2 After React2Shell Exploit

Ddos December 10, 2025

In a alarming escalation of the “React2Shell” crisis, security researchers have uncovered a sophisticated new malware strain...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

“React2Shell” Storm: China-Nexus Groups Weaponize Critical React Flaw Hours After Disclosure

Ddos December 5, 2025

Only hours after the public disclosure of a critical vulnerability in the React ecosystem, state-sponsored cyber espionage...