AI/LLM-Generated Malware Used to Exploit React2Shell - Darktrace

An AI-generated malware sample exploited CVE-2025-55182, known as React2Shell, within a Docker honeypot with an exposed daemon. This resulted in remote code execution, allowing the deployment of an XMRig cryptominer on over ninety compromised hosts and demonstrating the operational value of LLMs for low-skill adversaries.