https://cybercrime.club/tags/cloud-security/Recent content in Cloud-Security on cybercrime.clubHugoen-usFri, 03 Apr 2026 09:30:00 -0400https://cybercrime.club/posts/react2shell-cve-2025-55182-mass-credential-harvesting/Fri, 03 Apr 2026 09:30:00 -0400https://cybercrime.club/posts/react2shell-cve-2025-55182-mass-credential-harvesting/<p>A large-scale automated credential harvesting campaign is actively exploiting CVE-2025-55182, the critical pre-authentication remote code execution vulnerability in React Server Components known as React2Shell. Researchers have confirmed at least 766 compromised hosts across multiple cloud providers and geographic regions, with the operation showing no signs of slowing down.</p> <h2 id="the-vulnerability">The Vulnerability</h2> <p>CVE-2025-55182 carries a maximum CVSS score of 10.0. The flaw affects React Server Components as implemented in Next.js and related frameworks, allowing remote unauthenticated attackers to achieve arbitrary code execution. The vulnerability was initially disclosed and patched in late 2025, with Microsoft publishing detailed defense guidance in December 2025. Despite patches being available for months, a significant number of internet-facing deployments remain unpatched.</p>