A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices. The malware ...

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 ...

TL;DR: GreyNoise uncovered the AyySSHush botnet infecting over 8,000 hosts, mainly ASUS routers, exploiting known bypass bugs to gain persistent SSH backdoor access that survives firmware updates.

Ankit Anubhav, a principal researcher at NewSky Security, has written about the firm's discovery of a new Internet of Things (IoT) botnet that will -- for the first time -- bypass enterprise firewalls ...

FortiGuard Labs, the research arm of security firm Fortinet, has uncovered a significant evolution in the IZ1H9 Mirai-based DDoS campaign. Discovered in September and described in an advisory ...

Threat actors have been observed exploiting a critical vulnerability, CVE-2023-46604, in Apache systems. Over the past few weeks, Fortiguard Labs identified multiple threat actors leveraging this ...

The malware has added exploits for more web applications and devices to its arsenal and some of them seem to be inherited from an older botnet called Mozi. Androxgh0st, a botnet known to steal cloud ...

RondoDox botnet exploits 56 vulnerabilities across 30+ internet-connected device types Its “exploit shotgun” approach is noisy, attracting defenders but compromising diverse hardware Patching devices, ...

The latest version of a distributed denial-of-service (DDoS) bot called Armageddon integrates a relatively new exploit known as Apache Killer, DDoS mitigation vendor Arbor Networks said on Tuesday.

Shellshock continues to reverberate: Attackers are exploiting recently discovered vulnerabilities in the Bash command-line interpreter in order to infect Linux servers with a sophisticated malware ...