Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...

In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers. The targeted security defect, tracked as CVE-2025-55182, impacts systems relying on ...

Linked to the Aisuru IoT botnet, Kimwolf was seen launching over 1.7 billion DDoS attack commands and increasing its C&C domain’s popularity. A newly identified Android botnet has infected over 1.8 ...

Security researchers at Fortinet’s FortiGuard Labs have identified a new Mirai-based botnet called ShadowV2 that quietly emerged during the major AWS outage in October, targeting vulnerable IoT ...

The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S. Cybersecurity and Information Security ...

A new botnet is exploiting dozens of known vulnerabilities in hard-to-patch edge devices. "RondoDox" is characteristically unlike most botnets, researchers from Trend Micro said in a report on ...

In 2024 alone, botnets accounted for 29% of all observed malware, reclaiming their spot at the top of the cyberthreat landscape, according to ForeScout Technologies Inc.’s latest analysis of 900 ...

A new report out today from Darktrace Ltd. reveals a sophisticated cybercrime campaign that blends traditional malware with cloud-native design principles, exposing how threat actors are evolving ...

Researchers have stumbled upon a massive MAGA botnet of hundreds of accounts on Elon Musk’s social media platform and right-wing echo chamber X-formerly-Twitter. As NBC News reports, the accounts use ...