All news

Next.js

(2 articles)
Hackers Exploit React2Shell in Automated Credential Theft Campaign

April 5, 2026

Hackers Exploit React2Shell in Automated Credential Theft Campaign

CVE-2025-55182 in React2Shell is being weaponized to steal AWS keys, SSH keys, and env secrets from Next.js apps at scale. 766 hosts hit in 24 hours.

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

April 2, 2026

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Attackers exploited CVE-2025-55182 to compromise 766 Next.js hosts and harvest credentials. Here's what happened and how to protect your app.