Cybersecurity researchers have exposed a new Mirai -derived botnet that self-identifies as xlabs_v1 and targets ...

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...

A global Internet of Things (IoT) botnet campaign, dubbed "Ballista," has been targeting unpatched TP-Link routers since the beginning of 2025. The botnet exploits a remote code execution ...

RondoDox botnet exploits 56 vulnerabilities across 30+ internet-connected device types Its “exploit shotgun” approach is noisy, attracting defenders but compromising diverse hardware Patching devices, ...

Old TP-Link router flaw is being abused again The threat actors are building out a botnet named Ballista They are operating ...

A newly identified malware campaign has been observed exploiting a command injection flaw in digital video recorder (DVR) devices to deploy a Mirai-based botnet, according to analysis by FortiGuard ...

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. CVE-2025 ...

Cyber criminals are exploiting IoT devices in homes to create a botnet called BADBOX 2.0, enabling illegal online activities. Most compromised devices are manufactured in China and become infected ...

TL;DR: GreyNoise uncovered the AyySSHush botnet infecting over 8,000 hosts, mainly ASUS routers, exploiting known bypass bugs to gain persistent SSH backdoor access that survives firmware updates.