{"id":19783,"date":"2026-04-02T19:30:00","date_gmt":"2026-04-02T19:30:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2026\/04\/02\/hackers-exploit-cve-2025-55182-to-breach-766-next-js-hosts-steal-credentials-infothehackernews-com-the-hacker-news\/"},"modified":"2026-04-02T19:30:00","modified_gmt":"2026-04-02T19:30:00","slug":"hackers-exploit-cve-2025-55182-to-breach-766-next-js-hosts-steal-credentials-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2026\/04\/02\/hackers-exploit-cve-2025-55182-to-breach-766-next-js-hosts-steal-credentials-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>A\u00a0large-scale credential harvesting operation\u00a0has been\u00a0observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at\u00a0scale.<br \/>\nCisco\u00a0Talos has attributed the operation to a threat cluster it tracks\u00a0as<a href=\"https:\/\/thehackernews.com\/2026\/04\/hackers-exploit-cve-2025-55182-to.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>A\u00a0large-scale credential harvesting operation\u00a0has been\u00a0observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at\u00a0scale. Cisco\u00a0Talos has attributed the operation to a threat cluster it tracks\u00a0asRead More\u00a0<\/p>\n","protected":false},"author":1,"featured_media":19784,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-19783","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=19783"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19783\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/19784"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=19783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=19783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=19783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}