The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Bleeping Computer

New botnet malware exploits two zero-days to infect NVRs and routers

A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices. The malware ...
Dark Reading

FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, ...
Dark Reading

Mirai Variant 'Aquabot' Exploits Mitel Device Flaws

Yet another Mirai botnet variant is making the rounds, this time offering distributed denial-of-service (DDoS) as-a-service by exploiting flaws in Mitel SIP phones. It also features a unique ...
Infosecurity-magazine.com

Prometei Botnet Exploits Exchange Server Bugs to Grow

Security researchers have discovered that a persistent cryptocurrency mining botnet is exploiting still-unpatched Microsoft Exchange servers to grow globally. Dubbed “Prometei,” the botnet was first ...
Infosecurity-magazine.com

New Botnet Campaign Exploits Ruckus Wireless Flaw

A critical vulnerability has been discovered in the Linux-based Ruckus access points (AP) that allows remote attackers to take control of vulnerable systems. Tracked CVE-2023-25717 and first ...