4 articles tagged with "React2shell"
Cloud-native worm campaign by TeamPCP has compromised 60,000+ servers by exploiting Docker APIs, Kubernetes, and React2Shell. Flare researchers detail the industrialized operation.
Over 1,000 IPs exploit CVE-2025-55182 to inject malicious NGINX configs that redirect web traffic through attacker infrastructure, targeting Asian government and education sites.
Nine-month-old botnet campaign pivots to exploit CVE-2025-55182 in Next.js, deploying cryptominers and Mirai variants across exposed instances.
Beyond CVSS scores, these vulnerabilities caused the most damage in 2025—from nation-state exploitation to mass ransomware campaigns and breaches affecting millions.