An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.
First seen on darkreading.com
Jump to article: www.darkreading.com/cyberattacks-data-breaches/automated-credential-harvesting-campaign-react2shell
