Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

News

Ravie LakshmananApr 02, 2026Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos has attributed the operation to a threat cluster it tracks as UAT-10608.…

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

News

Ravie LakshmananMar 18, 2026Network Security / Ransomware Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that’s exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software. The vulnerability in question is CVE-2026-20131 (CVSS score: 10.0), a case of insecure deserialization of user-supplied Java byte stream, which could…

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

News

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome…