Technoholic.me
A large credential theft operation exploited the React2Shell vulnerability to steal AWS secrets, GitHub tokens, SSH keys, and more. Cisco Talos links it to a known threat cluster. https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

766 hosts breached via CVE-2025-55182 in Next.js apps, enabling mass credential theft and targeted follow-on attacks.

The Hacker News
Apr 4 at 7:28pmradaar