Russian military-linked hackers tracked as APT28 have shifted cyber operations into compromised internet routers, using the MooBot botnet and vulnerable edge devices to harvest credentials, route ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

Dutch NCSC and police dismantled a 17M‑device botnet by taking down 200 servers Asocks, previously tied to free Android VPN apps and promoted on Russian hacking forums, offered residential proxies ...

Authorities in the Netherlands said they dismantled a botnet that comprised more than 17 million devices and were managed by 200 servers in a joint operation by the police and the National Cyber ...

Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware. The GlassWorm botnet that has been targeting the open source software ecosystem for over six months ...

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe ...

The ides of security March are upon us — Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and Kubernetes as an ...

Estimated to have infected 7,000 systems, the botnet uses a mass-compromise pipeline, deploying various scanners and malware. A newly identified Linux botnet is relying on decade-and-a-half-old ...

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2 ...

In 2024 alone, botnets accounted for 29% of all observed malware, reclaiming their spot at the top of the cyberthreat landscape, according to ForeScout Technologies Inc.’s latest analysis of 900 ...

A new campaign that combines traditional malware with modern DevOps tooling has been observed by cybersecurity analysts. The ShadowV2 DDoS operation, discovered by Darktrace, uses a ...