Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More – Analyzing CVE-2025-55182 (CVSS 10.0) and CVE-2025-68668 (CVSS 9.9)

Estimated reading time: 6 minutes

Key Takeaways:

  • Immediate patching is required for CVE-2025-55182 (CVSS 10.0) and CVE-2025-68668 (CVSS 9.9) to prevent unauthenticated RCE and sandbox escapes.
  • Supply chain attacks targeting GitHub secrets and API keys are bypassing standard internal code reviews (Trust Wallet incident).
  • AI-driven phishing efficiency has surged, with automated campaigns achieving a 54% click-through rate.
  • Modern ransomware operations are maturing into structured data auction markets, creating multiple extortion streams.

Table of Contents:

Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

The beginning of 2026 has not provided a reprieve for security operations centers. Persistent pressure from previous quarters has intensified, with attackers targeting stable systems through familiar but effective vectors. This Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More examines the critical convergence of IoT vulnerabilities, supply chain compromises, and the weaponization of artificial intelligence. Significant attention is directed toward CVE-2025-55182 (CVSS 10.0) and CVE-2025-68668 (CVSS 9.9), both of which represent immediate risks to enterprise infrastructure and automated workflows.

As of early January 2026, threat actors have demonstrated a refined ability to exploit overlooked interfaces and browser-based environments. The shift toward attacking React Server Components and Python-based automation platforms suggests a strategic focus on the modern web stack. Furthermore, the professionalization of ransomware-transitioning from simple extortion to structured data auctions-indicates that the financial motivations behind these breaches are becoming more sophisticated.

RondoDox Botnet Exploits React2Shell (CVE-2025-55182)

The RondoDox botnet has maintained a consistent operational tempo for nine months, specifically targeting Internet of Things (IoT) hardware and web-facing applications. Since December 2025, the botnet has transitioned to using the React2Shell vulnerability, identified as CVE-2025-55182 (CVSS 10.0), as its primary initial access vector.

React2Shell is a critical flaw within React Server Components (RSC) and the Next.js framework. It enables unauthenticated remote code execution (RCE) on systems that have not applied the necessary patches. Data from the Shadowserver Foundation indicates that approximately 84,916 instances remain vulnerable as of January 4, 2026. The geographic distribution of these exposures is concentrated heavily in the United States (66,200), followed by Germany (3,600), France (2,500), and India (1,290).

This campaign demonstrates why a cyber threat intelligence platform is necessary for tracking the migration of botnets to newly disclosed CVEs. When a CVSS 10.0 vulnerability emerges, the time-to-exploit is often measured in hours, requiring immediate breach detection protocols to identify compromised nodes before they are integrated into larger botnet infrastructures.

N8scape: Critical Sandbox Bypass in n8n (CVE-2025-68668)

A new critical vulnerability, codenamed N8scape and tracked as CVE-2025-68668 (CVSS 9.9), has been disclosed in the n8n workflow automation platform. The flaw involves a protection mechanism failure in the Python Code Node that utilizes Pyodide.

The vulnerability allows an authenticated user with permissions to create or modify workflows to bypass the execution sandbox. Once the sandbox is bypassed, the attacker can execute arbitrary operating system commands on the host system with the same privileges as the n8n process. This affects all n8n versions from 1.0.0 up to version 2.0.0.

In response, n8n has shifted its default architecture in version 2.0.0 to a task runner-based native Python implementation, which provides improved security isolation. Organizations unable to upgrade immediately should consider disabling the Code Node via the NODES_EXCLUDE environment variable. This incident underscores the importance of supply-chain risk monitoring for internal tooling, as automation platforms often possess high-level access to sensitive corporate data.

Supply Chain Attacks: Trust Wallet and the Shai-Hulud Outbreak

Trust Wallet has confirmed that a breach of its Google Chrome extension in November 2025 was the result of a “Shai-Hulud” supply chain attack. This incident led to the theft of approximately $8.5 million in digital assets.

The attack path was established through the exposure of Developer GitHub secrets. This exposure allowed the threat actors to access the browser extension source code and the Chrome Web Store (CWS) API key. With full API access, the attackers bypassed Trust Wallet’s standard release processes, including internal code reviews and manual approvals, to upload malicious builds directly to the store.

The attackers exfiltrated users’ wallet mnemonic phrases to a server that returned the response “He who controls the spice controls the universe,” a thematic reference to the Shai-Hulud npm incident.

Investigations suggest the infrastructure for this hack was being prepared as early as December 8, 2025. This case highlights the necessity of brand leak alerting to identify when internal API keys or GitHub secrets appear in unauthorized locations.

Browser Extension Espionage: The DarkSpectre Campaigns

A Chinese threat group identified as DarkSpectre has been linked to a massive operation involving malicious browser extensions. This group has compromised over 8.8 million users across Chrome, Edge, Firefox, and Opera over a seven-year period. DarkSpectre operates through several distinct clusters:

  • ShadyPanda: Responsible for 5.6 million infections, focusing on long-term surveillance and e-commerce affiliate fraud.
  • GhostPoster: Affecting over one million users on Firefox and Opera, this campaign uses steganography to hide JavaScript payloads within PNG images.
  • The Zoom Stealer: A more recent discovery affecting 2.2 million users, focused primarily on corporate espionage.

These extensions are designed to look legitimate, often remaining undetected by standard signature-based scanners for years. Organizations must implement strict controls over browser environments and utilize a dark web monitoring service to check for compromised corporate credentials harvested by these extensions.

State-Sponsored Operations: Silver Fox and Mustang Panda

Chinese cybercrime and espionage groups continue to target specific regions with modular malware.

Silver Fox: This group is currently targeting Indian taxpayers. They use phishing emails with decoy PDFs disguised as communications from the Income Tax Department. The payload is ValleyRAT (Winos 4.0), a modular remote access trojan that allows for keylogging and credential harvesting.

Mustang Panda (HoneyMyte): Detected in mid-2025, this group utilized an undocumented kernel-mode rootkit driver to deliver a new variant of the TONESHELL backdoor. The rootkit driver protects malicious processes and registry keys from detection while injecting the backdoor into system processes.

Tracking these groups requires underground forum intelligence to understand their evolving tactics, such as the use of link management panels to monitor phishing campaign success rates.

Beyond the primary vulnerabilities mentioned, several other systems require immediate patching:

  • CVE-2025-13915: IBM API Connect.
  • CVE-2025-52691: SmarterTools SmarterMail.
  • CVE-2025-47411: Apache StreamPipes.
  • CVE-2025-48769: Apache NuttX RTOS.
  • CVE-2025-52871 / CVE-2025-53597: QNAP NAS devices.
  • CVE-2025-59887 / CVE-2025-59888: Eaton UPS Companion.

The inclusion of Eaton UPS and WHILL electric wheelchair vulnerabilities (CVE-2025-14346) emphasizes that the attack surface now extends deeply into physical infrastructure and specialized IoT devices.

Visual timeline of CVE-2025-55182 and CVE-2025-68668 exploit campaigns

The Evolution of Ransomware and Data Auctions

Ransomware operations are maturing into a structured market economy. Research indicates that actors are moving toward data auctions, where stolen information is sold to the highest bidder if the initial ransom is not paid. This creates multiple profit streams and mirrors legitimate market behavior.

To counter this, organizations need real-time ransomware intelligence and access to a live ransomware API to track data leaks and auction listings. This intelligence allows teams to assess the impact of a breach even if the encryption phase of an attack is successfully mitigated.

AI Abuse and Browser Agent Risks

OpenAI has reported a surge in prompt-injection attacks targeting its ChatGPT Atlas browser. These attacks attempt to override AI guardrails by concealing malicious instructions within web content. While OpenAI has implemented adversarially trained models, they have stated that prompt injection-much like social engineering-may never be fully resolved.

Microsoft has also observed adversaries using AI to increase the efficiency of phishing campaigns. AI-automated phishing emails have achieved a 54% click-through rate, a significant increase over the 12% rate seen in standard attempts. This capability allows attackers to generate more convincing lures and automate vulnerability discovery at scale.

Messaging App Compromise: Handala and Telegram

The Handala group recently breached the Telegram accounts of high-ranking Israeli officials. The suspected vectors include the exfiltration of Telegram Desktop session files (tdata) from compromised workstations. This incident demonstrates that even encrypted messaging apps are vulnerable if the endpoint is compromised. Organizations should employ telegram threat monitoring to detect when sensitive discussions or leaked session data appear on the platform.

Technical and Strategic Takeaways

For Technical Teams and Engineers:

  • Remediate CVE-2025-55182: Prioritize patching React Server Components and Next.js instances.
  • Secure n8n Environments: Immediately configure N8N_RUNNERS_ENABLED=true to move the Python execution into a secured task runner.
  • Secrets Management: Audit all GitHub repositories for exposed secrets and rotate CWS API keys immediately.
  • Browser Hardening: Restrict browser extension installations to an approved allow-list and monitor connections to gmzdaily.com.

For Business Leaders:

  • Review Crypto Security: Ensure corporate digital asset management involves multi-signature wallets rather than browser-based extensions.
  • Identity and Access Management (IAM): Implement mandatory MFA that is resistant to social engineering, such as FIDO2 security keys.
  • Supply Chain Assessment: Evaluate the security posture of third-party automation tools and browser agents.

PurpleOps Expertise in Modern Threat Mitigation

The complexities of 2026’s threat environment require a multi-layered approach to security. PurpleOps provides the specialized services necessary to identify and neutralize the vectors discussed in this recap.

To strengthen your organization’s resilience, explore our full range of cybersecurity services or visit our platform page for more information.

Frequently Asked Questions

What is React2Shell (CVE-2025-55182)?
It is a critical vulnerability (CVSS 10.0) in React Server Components and Next.js that allows unauthenticated remote code execution.

How does the N8scape vulnerability (CVE-2025-68668) affect n8n?
It allows authenticated users to bypass the Python sandbox and execute OS commands with the same privileges as the n8n process.

How can I protect against the DarkSpectre extension campaigns?
Implement strict browser allow-lists for extensions and monitor for unauthorized network connections from browser processes.

What is the significance of ransomware data auctions?
Data auctions indicate a shift from simple encryption-based extortion to a market where stolen data is sold to the highest bidder if ransoms aren’t met.

How successful is AI-driven phishing compared to traditional methods?
AI-automated phishing has seen click-through rates as high as 54%, compared to roughly 12% for traditional phishing campaigns.