medium · other · Disclosed Apr 6, 2026

Automated Credential Harvesting Campaign Exploits

An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.

Original Disclosure

https://www.darkreading.com/cyberattacks-data-breaches/auto…

Read original

Severity

medium

Sector

other

Disclosure date

April 6, 2026

Indexed

5 days, 18 hours ago

Check Your Exposure → Browse All Breaches View Live Map