Researchers revealed a nine-month campaign exploiting the React2Shell vulnerability to build the RondoDox botnet. The botnet scans for vulnerable devices and installs various malware, including cryptocurrency miners and a Mirai variant. Organizations are urged to update software and implement security measures to defend against these attacks.

Researchers found that hackers are using the React2Shell vulnerability to compromise NGINX web servers, redirecting traffic for malicious purposes. This can lead to malware infections and damage to an organization's reputation. CSOs are advised to secure server configurations and apply the latest security patches.