Eksploitasi React2Shell berlanjut dengan penyebaran backdoor Linux skala besar dan pencurian kredensial cloud

Indonesia

Eksploitasi berkelanjutan terhadap kerentanan React2Shell (CVE-2025-55182)—sebelumnya dirinci dalam liputan kampanye China-nexus dan cybercriminal—sekarang mencakup instalasi backdoor Linux yang luas, eksekusi perintah sewenang-wenang, dan pencurian kredensial cloud skala besar.

Mengikuti laporan awal tentang PeerBlight dan serangan selanjutnya oleh kelompok seperti UNC6600, UNC6586, UNC6588, UNC6603, serta pelaku bermotivasi finansial yang menyebarkan malware seperti MINOCAT, SNOWLIGHT, HISONIC, COMPOOD, ANGRYREBEL.LINUX, dan penambang XMRig, peneliti keamanan siber mengonfirmasi eksploitasi aktif dan skala besar terhadap React2Shell (CVE-2025-55182).

Penyerang terus memanfaatkan kerentanan RCE kritis ini (CVSS 10.0, memengaruhi React 19.0–19.2.0) untuk memasang backdoor pada sistem Linux, mengeksekusi perintah sewenang-wenang, dan menargetkan kredensial cloud untuk dicuri.

Meskipun patch tersedia (React 19.0.1, 19.1.2, 19.2.1+), ancaman yang berkelanjutan ini menggarisbawahi kebutuhan administrator untuk menerapkan mitigasi seperti Cloud Armor WAF, memantau IOC dari liputan sebelumnya, dan mengamankan aplikasi React/Next.js di tengah risiko rantai pasok perangkat lunak.

Artikel Terkait

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
Gambar dihasilkan oleh AI

Linux CopyFail exploit threatens root access amid Ubuntu outage

Dilaporkan oleh AI Gambar dihasilkan oleh AI

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

Single errant character triggers high-severity Linux vulnerability

Researchers have identified a high-severity flaw in the Linux kernel that can allow untrusted users to gain root access. The issue stems from one incorrect character in the code.

US government issues urgent CopyFail warning as Linux patches roll out

Dilaporkan oleh AI

Four days after the CopyFail (CVE-2026-31431) exploit disclosure disrupted Ubuntu services, the US government warned of its critical risks to Linux systems, urging immediate patching amid public exploit code.

ShinyHunters exploits critical PeopleSoft zero-day vulnerability

A ransomware group known as ShinyHunters exploited a critical zero-day flaw in Oracle’s PeopleSoft software to target about 100 organizations. The attackers stole gigabytes of data from victims, including the University of Nottingham, and issued extortion demands. Oracle has released a mitigation but not a full patch.

OpenClaw patches severe vulnerability granting admin access

Dilaporkan oleh AI

Developers of the popular AI tool OpenClaw released patches for three high-severity vulnerabilities, including one that allowed attackers with basic pairing privileges to silently gain full administrative control. The flaw, tracked as CVE-2026-33579 and rated up to 9.8 out of 10 in severity, has raised alarms among security experts. Thousands of exposed instances may have been compromised unknowingly.

09 Juni 2026 04.36

Single character triggers high-severity Linux kernel vulnerability

08 Juni 2026 12.50

Microsoft packages hit with credential-stealing malware for second time

23 Mei 2026 01.36

Linux kernel flaw lets unprivileged users gain root access

09 Mei 2026 20.17

New dirty frag exploit grants root access on linux systems

22 April 2026 09.46

Microsoft patches critical ASP.NET Core vulnerability on macOS and Linux

Situs web ini menggunakan cookie

Kami menggunakan cookie untuk analisis guna meningkatkan situs kami. Baca kebijakan privasi kami untuk informasi lebih lanjut.
Tolak