GovInfoSecurity

RondoDox Botnet Exploiting Devices With React2Shell Flaw

Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
Cybernews

Wavlink routers and other IoT devices hit by React2Shell attacks

RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.
Morning Overview on MSN

Kimwolf DDoS botnet already grabbed 1.8M devices. What we know

Kimwolf is the latest reminder that the most dangerous botnets now grow quietly inside everyday consumer electronics.
SecurityWeek

‘Kimwolf’ Android Botnet Ensnares 1.8 Million Devices

Consisting of over 1.8 million infected devices, the Kimwolf Android Botnet focuses on traffic proxying, but can also launch ...
The Hacker News

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...