Bissa Scanner, An AI-Assisted Credential Harvesting Factory
An exposed server revealed a criminal operation exploiting the React2Shell vulnerability (CVE-2025-55182) to harvest credentials. The “Bissa scanner” operation used AI tools like Claude Code and OpenClaw to automate target scanning, credential extraction, and victim triage. The operation targeted credentials from various cloud providers, payment platforms, and databases, highlighting the risks of storing secrets in .env files.
https://thecyberexpress.com/bissa-scanner-ai-assisted-credential-factory/


