Credential-Theft

vulnerabilities 2026-04-03
React2Shell Under Mass Exploitation: 766+ Next.js Hosts Breached in Credential Harvesting Campaign
Threat actor UAT-10608 is mass-exploiting CVE-2025-55182 (React2Shell) to breach Next.js deployments and harvest cloud credentials, SSH keys, and API tokens at scale.
react nextjs rce credential-theft cloud-security CVE-2025-55182

React2Shell Under Mass Exploitation: 766+ Next.js Hosts Breached in Credential Harvesting Campaign