National Cyber Warfare Foundation (NCWF)

UAT-10608 Campaign Abuses React2Shell for Cloud Credential Harvesting (Campaign)


0 user ratings
2026-04-29 15:11:21
milo
Attacks
An automated campaign attributed to threat cluster UAT-10608 is exploiting vulnerable Next.js applications to achieve pre-authentication remote code execution and deploy a multi-phase credential harvesting framework. The operation has compromised hundreds of hosts across cloud...

An automated campaign attributed to threat cluster UAT-10608 is exploiting vulnerable Next.js applications to achieve pre-authentication remote code execution and deploy a multi-phase credential harvesting framework. The operation has compromised hundreds of hosts across cloud...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/uat-10608-campaign-abuses-react2shell-for-cloud-credential-harvesting


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Attacks



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.