PCPcat Malware Compromises Over 59,000 Servers via React2Shell Exploit
First seen 15 Dec 2025, 20:51 UTC
•
•91% similarity
•42
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The PCPcat malware campaign has compromised more than 59,000 servers in under 48 hours by exploiting critical vulnerabilities in .js and React frameworks. It specifically targets vulnerabilities CVE-2025-29927 and CVE-2025-66478, enabling remote code execution without authentication through prototype pollution and command execution techniques.
ThreatCluster AI