{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiddxhp6cogweumdy57dsnqrrpzd2l2k4dv2skizsqwgr6ggxjkcdq",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mit2lxllorb2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibjukkh43dqct7fenav355wkfwnxswcea65mo74kdmacxzo53ckey"
    },
    "mimeType": "image/jpeg",
    "size": 1361885
  },
  "path": "/700-next-js-hosts-hit-in-react2shell-campaign-as-attackers-steal-cloud-and-database-secrets/",
  "publishedAt": "2026-04-05T17:56:58.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "700+ Next.js hosts hit in React2Shell campaign as attackers steal cloud and database secrets",
    "VPN Central"
  ],
  "textContent": "A large-scale credential theft campaign has compromised more than 700 internet-facing hosts by exploiting React2Shell, the remote code execution flaw tracked as CVE-2025-55182. Cisco Talos says the operation, which it tracks as UAT-10608, uses the bug to break into vulnerable web applications and then run an automated script that steals secrets from the server. The […]\n\nThe post 700+ Next.js hosts hit in React2Shell campaign as attackers steal cloud and database secrets appeared first on VPN Central.",
  "title": "700+ Next.js hosts hit in React2Shell campaign as attackers steal cloud and database secrets"
}