Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed ...

RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of ...

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...

Attackers quickly turn around real-world attacks using proof-of-concept code, taking only days to weeks to create workable exploits from published research, according to six months of data collected ...

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, ...

A critical vulnerability has been discovered in the Linux-based Ruckus access points (AP) that allows remote attackers to take control of vulnerable systems. Tracked CVE-2023-25717 and first ...

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...