Hackers exploit React2Shell in automated credential theft campaign

News Companies Events

Statistics About NLC Contact us

News Companies Events

Hackers exploit React2Shell in automated credential theft campaign

Image for the article: Hackers exploit React2Shell in automated credential theft campaign

Hackers exploit React2Shell in automated credential theft campaign

Sun Apr 05 2026

IAM

Vulnerability

www.bleepingcomputer.com

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. [...]