The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Bleeping Computer

New Mirai botnet targets industrial routers with zero-day exploits

A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of ...
Infosecurity-magazine.com

IZ1H9 Botnet Targets IoT Devices With New Exploits

FortiGuard Labs, the research arm of security firm Fortinet, has uncovered a significant evolution in the IZ1H9 Mirai-based DDoS campaign. Discovered in September and described in an advisory ...
Dark Reading

Botnets Send Exploits Within Days to Weeks After Published PoC

Attackers quickly turn around real-world attacks using proof-of-concept code, taking only days to weeks to create workable exploits from published research, according to six months of data collected ...
Dark Reading

FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, ...
HHS

FritzFrog Botnet Exploits Log4Shell

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...
FOX8 Cleveland

Exploits, Botnets and Malware Spike in Q1 2023

COMMERCE, Mich., May 17, 2023 /PRNewswire/ -- Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q1 2023 Cyber Threat Report. The quarterly report ...
TechCrunch

Security researchers observed ‘deliberate’ takedown of notorious Mozi botnet

Security researchers say they have observed what they believe is a takedown of the notorious Mozi botnet that infiltrated more than a million Internet of Things devices worldwide. In research shared ...
Infosecurity-magazine.com

New Botnet Campaign Exploits Ruckus Wireless Flaw

A critical vulnerability has been discovered in the Linux-based Ruckus access points (AP) that allows remote attackers to take control of vulnerable systems. Tracked CVE-2023-25717 and first ...
CSOonline

DDoS Botnet Clients Start Integrating the Apache Killer Exploit

The latest version of a distributed denial-of-service (DDoS) bot called Armageddon integrates a relatively new exploit known as Apache Killer, DDoS mitigation vendor Arbor Networks said on Tuesday.