RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
01 January 2026
Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox.
As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial access vector, CloudSEK said in an