The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
CSO Online

Security lapse lets researchers see React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...
TechRepublic

New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit

New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit Your email has been sent Researchers uncover “DarkSword,” a powerful iPhone exploit targeting millions via compromised websites.
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential harvesting campaign.