Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.

Hackers resurrect 90s IRC tricks with SSHStalker, using old exploits to quietly compromise thousands of Linux servers ...

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...

A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of ...

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 ...

RondoDox botnet exploits 56 vulnerabilities across 30+ internet-connected device types Its “exploit shotgun” approach is noisy, attracting defenders but compromising diverse hardware Patching devices, ...

Security researchers have uncovered a new Mirai-based botnet that uses zero-day exploits for industrial routers and smart home devices to spread. The offensively named “gayfemboy” botnet was first ...

A new botnet is exploiting dozens of known vulnerabilities in hard-to-patch edge devices. "RondoDox" is characteristically unlike most botnets, researchers from Trend Micro said in a report on ...

Popular for monitoring Docker containers, Wazuh is being exploited by two Mirai botnet variants — one of which aligns closely with researchers’ previously released proof-of-concept attack against the ...