The days of worrying about minor npm annoyances are long gone. A chilling new breed of self-replicating malware is reshaping the threat landscape, turning the developer's trusted toolkit into a weapon.
Credentials pouring out. An automated campaign's hitting vulnerable Next.js setups, siphoning secrets faster than you can say 'patch management.' UAT-10608 doesn't mess around.
One HTTP request. That's all it took for hackers to burrow into 766 Next.js servers, siphoning credentials like SSH keys and AWS tokens. Cisco Talos just pulled back the curtain on this automated nightmare.
Next.js promised smoothly full-stack bliss. Then CVE-2025-55182 let hackers raid 766 hosts, grabbing credentials and mapping entire infrastructures for the dark web auction.