6d • general chat
Heads up for anyone running Next.js on a VPS.
CVE GHSA-9qr9-h5gf-34mp is being actively exploited. Bots are scanning constantly and move fast once they find an exposed port.
Got hit last week. Attacker was inside 77 minutes after container start. Ran a Monero miner for 4 days before I caught it.
Patched version is 15.5.15 or higher. If you're running anything older on a public port, bump it now.
0
0 comments
Heads up for anyone running Next.js on a VPS.
skool.com/useful-ai
for cool people building actually useful stuff with AI.
Leaderboard (30-day)
1
+40
2
+24
3
+19
4
+18
5
+13
Powered by