A sprawling, stealthy cyber campaign is hijacking web traffic by exploiting malicious NGINX configurations and the React2Shell vulnerability. Government and educational domains across Asia are in the crosshairs, as attackers automate traffic redirection and pursue interactive access.