React2Shell is a security vulnerability that threat actors are actively exploiting to deploy sophisticated malware such as KSwapDoor and ZnDoor, leading to widespread attacks worldwide. Exploitation involves remote code execution, credential theft, lateral movement, and infrastructure compromise. #React2Shell #KSwapDoor #ZnDoor #CVE-2025-55182
Key points
- React2Shell is a high-severity vulnerability with a CVSS score of 10.0 being actively exploited by cybercriminals.
- Threat actors use malware such as KSwapDoor and ZnDoor to gain remote access and control over affected systems.
- Attack campaigns target cloud environments and leverage tools like TruffleHog and Gitleaks to harvest secrets and credentials.
- Large-scale operations have compromised over 59,000 servers, with extensive data exfiltration and credential theft activities.
- Vulnerable IP addresses are mainly located in the U.S., Germany, France, and India, highlighting a wide international impact.
Read More: https://thehackernews.com/2025/12/react2shell-vulnerability-actively.html