RondoDox Botnet Campaign Targets IoT Devices & Web Servers

Cybersecurity researchers have detailed a sustained nine-month campaign targeting both IoT devices and web applications, ultimately conscripting them into the RondoDox botnet. As of December 2025, CloudSEK analysis confirms the campaign is actively exploiting the recently disclosed React2Shell vulnerability (CVE-2025-55182, CVSS 10.0) as a primary entry vector. React2Shell affects React Server Components (RSC) and Next.js,...