December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

Apple’s App Store source map leak shows a preventable risk we found in 70% of organizations shipping production web apps.