The operators behind the highly adaptable RondoDox botnet campaign that kicked off in late March have proven to be ready to embrace the latest attack trends. Most recently, in December they began targeting Next.js servers that are vulnerable to the maximum-severity React2Shell flaw, which was disclosed December 3.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/01/rondodox-botnet-operators-set-react2shell-flaw-in-their-sights/
