highMalware & Threats
Automated Credential Theft Campaigns Surge as React2Shell Exploits Target Next.js Apps
Attackers are exploiting React2Shell (`CVE-2025-55182`) in Next.js applications for automated credential harvesting while QR code-based traffic violation scams target U.S. consumers. The European Commission confirmed a data breach through supply chain compromise.
BleepingComputer, Checkpoint Research, Malwarebytes Labs
phishingcredential-theftreact2shell