MEDIUMVulnerability
Global

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

Monday, April 6, 2026 at 03:31 PM UTC·Source: Dark Reading

Updated: Monday, April 6, 2026 at 03:50 PM UTC

Executive Summary

An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.

Analysis

An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.
Source Attribution

Originally published by Dark Reading on Apr 6, 2026.

Related Threats

MEDIUMVulnerabilityNEW

Coinbase wins conditional approval for national trust bank charter

Coinbase is the latest digital asset firm to receive conditional approval from US regulators for a national trust bank charter.

Finextra
LOWVulnerabilityNEW

Businesses ready to embrace AI-to-AI commerce, consumers more wary - Visa survey

AI-to-AI commerce looks poised to scale, with more than half of US businesses willing to allow agents to negotiate prices and terms directly with other agents on their behalf, according to a survey from Visa.

Finextra
CRITICALVulnerabilityNEW

Trump's Budget Proposal Would Slash CISA After Bruising Year

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/trumps-budget-proposal-would-slash-cisa-after-bruising-year-image_small-6-a-31352.jpg" align=right hspace=4><b>White House Criticizes Cyber Defense Agency - and Proposes a Steep $700 Million Cut</b><br>The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination programs whil

Bank Info Security