Thehackernews
RondoDox Botnet Targets React2Shell Flaw to Spread Malware
First seen 1 Jan 2026, 16:26 UTC
•



+7
•75% similarity
•81.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The RondoDox botnet is exploiting the React2Shell vulnerability (CVE-2025-55182) to infect vulnerable .js servers with malware and cryptominers. This ongoing campaign has been active for nine months, primarily targeting IoT devices and web applications, as reported by CloudSEK researchers.
ThreatCluster AI