Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 ...

Security researchers have uncovered a new Mirai-based botnet that uses zero-day exploits for industrial routers and smart home devices to spread. The offensively named “gayfemboy” botnet was first ...

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.

RondoDox botnet exploits 56 vulnerabilities across 30+ internet-connected device types Its “exploit shotgun” approach is noisy, attracting defenders but compromising diverse hardware Patching devices, ...

Old TP-Link router flaw is being abused again The threat actors are building out a botnet named Ballista They are operating ...

Attackers are actively targeting a critical flaw in a popular Python-based Web app for building AI agents and workflows to unleash a powerful botnet that can cause full system compromise, distributed ...

Cyber criminals are exploiting IoT devices in homes to create a botnet called BADBOX 2.0, enabling illegal online activities. Most compromised devices are manufactured in China and become infected ...