RondoDox Botnet Targets React2Shell Flaw to Spread Malware

RondoDox Botnet Targets React2Shell Flaw to Spread Malware

First seen 1 Jan 2026, 16:26 UTC ThehackernewsSecurityaffairs.CoSecurityaffairsGbhackersFeeds.Feedburner+7 75% similarity 81.0

Article Content

Browse articles
ThreatCluster

The RondoDox botnet is exploiting the React2Shell vulnerability (CVE-2025-55182) to infect vulnerable .js servers with malware and cryptominers. This ongoing campaign has been active for nine months, primarily targeting IoT devices and web applications, as reported by CloudSEK researchers.

ThreatCluster AI

Community

Browse all →