THREAT OPS › Threat News › Minting Next.js Authentication Cookies
Minting Next.js Authentication Cookies
<p>In this post, we’ll look how an adversary can mint authentication cookies for Next.js (<code>next-auth/Auth.js</code>) applications to maintain persistent access to the application as any user.</p> <p><a href="https://embracethered.com/blog/images/2026/next-auth.png"><img alt="Minting NextAuth authentication tokens and cookies" src="https://embracethered.com/blog/images/2026/next-auth.png
Indicators of compromise
- https://react2shell.com/url