News
React2Shell Credential-Harvesting Campaign Targets AI Platform API Keys at Scale
A cyber threat actor is exploiting the React2Shell vulnerability in React Server Components to deploy multi-phase credential-harvesting tools on internet-facing servers — no authentication required. The payload specifically targets AI tool API keys, cloud platform passwords, SSH keys, and environment secrets. The campaign represents a new class of supply-chain risk where AI infrastructure credentials are the primary target.
↳ Follow the thread