Hackers Deploy Bots Tracking React2Shell Exploits

Hackers are running an organized, AI-assisted exploitation campaign built around React2Shell, using Telegram bots and a dedicated scanning platform. Operators used the Bissa scanner to probe millions of internet-facing targets for CVE-2025-55182, a 10.0 CVSS pre-auth RCE in React Server Components and Next.js. Analysts uncovered an exposed staging host with a module that automatically validated successful exploits, producing a "confirmed hits" list of more than 900 compromised companies. The operation combined automated scanners, local AI tooling including claude-sonnet-4-6 and Claude Code, a WebSocket-based control surface (OpenClaw), and a Telegram operator bot, @bissa_scan_bot. Attackers focused on harvesting .env files, cloud metadata, credentials, databases, and wallets, archiving tens of thousands of entries to S3-compatible storage. Immediate mitigations: apply vendor patches, rotate secrets, hunt for exfiltration artifacts and unusual S3 writes, and block the malicious scanner infrastructure and Telegram control channels.
What happened
Hackers deployed an automated, AI-augmented campaign abusing React2Shell CVE-2025-55182, a 10.0 CVSS pre-auth remote code execution affecting React Server Components and Next.js, and confirmed over 900 successful compromises. Investigators found an exposed staging host tied to the Bissa scanner that scans millions of targets, validates exploitation, and stages harvested data rather than performing simple opportunistic dumping.
Technical details
The exposed host contained more than 13,000 files across 150+ directories tied to scanning, victim staging, credential harvesting, and operator workflow. A dedicated CVE-2025-55182 module performed mass probing and automatic confirmation of hits. The attacker toolchain included use of Claude Code and a local AI-control surface called OpenClaw with a model pool that included claude-sonnet-4-6. A Telegram operator endpoint, @bissa_scan_bot, provided coordination and proof delivery. The campaign's post-exploit collection was heavily tuned to capture .env files, cloud metadata endpoints, local credential stores, database dumps, and wallet material. Analysts enumerated 400+ env-batch ZIP archives, 30,000+ distinct .env filenames, and 65,000+ archived file entries collected between 10 and 21 April 2026.
Stolen targets and telemetry
Harvested secrets spanned large AI and cloud providers and high-value SaaS tiers. Key categories included:
- AI platforms and model providers such as Anthropic, OpenAI, Google, Mistral, and HuggingFace
- Cloud platforms and infrastructure providers including AWS, Azure, Google Cloud, Cloudflare, and DigitalOcean
- Payment and financial services credentials and keys
Context and significance
This campaign shows a shift from noisy scanning toward integrated, validated exploitation pipelines that combine scanners, human-in-the-loop operator bots, and AI-assisted debugging and orchestration. The use of generative models to interpret scanner logic, debug collection flows, and refine exfiltration increases operational efficiency and accelerates attacker iteration cycles. For defenders, the high success rate against unpatched environments and the focus on secrets tied to AI and cloud services raise systemic risk beyond single-company breaches.
What to watch
Immediate priorities are patching CVE-2025-55182, rotating all exposed credentials, auditing object storage for unusual env archives, blocking known scanner infrastructure and Telegram control channels, and hunting for evidence of OpenClaw and model-assisted workflows in incident telemetry.
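As an added, defender-side example (not code from the report or from any tool it names), the following Python triage script shows one way to audit object storage for the env-archive pattern described above: it flags bucket keys that look like env-batch ZIP archives and measures what share of a ZIP's entries are .env files. The key names, regex patterns, threshold, and the sample archive are constructed assumptions for illustration.

```python
import io
import re
import zipfile

# Constructed sample of object keys from an S3-style bucket listing.
# These names are illustrative only, not indicators taken from the report.
SAMPLE_KEYS = [
    "backups/db-2026-04-12.sql.gz",
    "env-batch/env_batch_0412_17.zip",
    "env-batch/env_batch_0413_02.zip",
    "static/logo.png",
]

# Assumed naming convention for harvested env batches (hypothetical pattern).
ENV_KEY_RE = re.compile(r"(^|/)env[-_]?batch[^/]*\.zip$", re.IGNORECASE)
# Matches .env and variants such as .env.production or .env.local.
ENV_NAME_RE = re.compile(r"(^|/)\.env(\.[\w.-]+)?$")


def flag_suspicious_keys(keys):
    """Return object keys whose name matches the env-batch archive pattern."""
    return [k for k in keys if ENV_KEY_RE.search(k)]


def env_density(zip_bytes, threshold=0.5):
    """Inspect a ZIP held in memory and count entries that look like .env files.

    Returns (env_count, total_entries, suspicious); suspicious is True when the
    fraction of .env-like entries is at or above the threshold.
    """
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = [n for n in zf.namelist() if not n.endswith("/")]
    env_count = sum(1 for n in names if ENV_NAME_RE.search(n))
    total = len(names)
    return env_count, total, total > 0 and env_count / total >= threshold


def build_sample_zip():
    """Construct an in-memory ZIP resembling a harvested env batch (test data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for host in ("app1.example", "app2.example", "shop.example"):
            zf.writestr(f"{host}/.env", "DB_PASSWORD=placeholder\n")
        zf.writestr("app1.example/.env.production", "API_KEY=placeholder\n")
        zf.writestr("README.txt", "batch\n")
    return buf.getvalue()


if __name__ == "__main__":
    print(flag_suspicious_keys(SAMPLE_KEYS))
    print(env_density(build_sample_zip()))
```

In a real hunt the key list would come from a bucket inventory or access log, and any archive that trips the density check is a candidate for rotation of every credential it contains.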
Scoring Rationale
Widespread exploitation of a **10.0 CVSS** RCE with AI-assisted tooling and verified hits across 900+ companies is a major security event. The campaign elevates systemic risk for cloud and AI credentials and demonstrates a new attacker playbook combining scanners, AI debugging, and Telegram orchestration.