> TritonInfoSec News
Home / Apr 03, 2026 / Story
0
#1 The Hacker News general April 02, 2026 at 19:30 UTC

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

By [email protected] (The Hacker News)

AI Summary

Cisco Talos discovered a large-scale credential harvesting operation exploiting the React2Shell vulnerability (CVE-2025-55182) to compromise 766 Next.js hosts. Attackers stole database credentials, SSH private keys, AWS secrets, shell histories, Stripe API keys, and GitHub tokens across the breached systems.

Read full article → https://thehackernews.com/2026/04/hackers-exploit-…

Relevance score: 95.0/100

# More from April 03

  1. 2
    Drift loses $280 million as hackers seize Security Council powers BleepingComputer
  2. 3
    Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise The Hacker News
  3. 4
    US Bans All Foreign-Made Consumer Routers Schneier on Security
  4. 5
    New Rowhammer attacks give complete control of machines running Nvidia GPUs Ars Technica Security
  5. 6
    Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome SecurityWeek
  6. 7
    Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate Dark Reading
  7. 8
    Medtech giant Stryker says it’s back up after Iranian cyberattack CyberScoop
  8. 9
    New Progress ShareFile flaws can be chained in pre-auth RCE attacks BleepingComputer
  9. 10
    WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action The Hacker News