RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

A global Internet of Things (IoT) botnet campaign, dubbed "Ballista," has been targeting unpatched TP-Link routers since the beginning of 2025. The botnet exploits a remote code execution ...

A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices. The malware ...

A new botnet has been spotted in the wild which exploits the Microsoft Windows SMB protocol to move laterally across systems while covertly mining for cryptocurrency. In a report shared with ZDNet, on ...

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, ...

A critical vulnerability has been discovered in the Linux-based Ruckus access points (AP) that allows remote attackers to take control of vulnerable systems. Tracked CVE-2023-25717 and first ...

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...

The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread. A new variant of the Hoaxcalls botnet, which can be ...

The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the security gateway. Cyberattackers are targeting a post-authentication remote code-execution ...