14,000 routers are infected by malware that’s highly resistant to takedowns

Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices—primarily made by Asus—that have been conscripted into a proxy network that anonymously ...
The Hacker News

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

KadNap botnet infects 14,000+ routers using DHT-based P2P control while ClipXDaemon hijacks crypto wallets on Linux X11.
Bleeping Computer

New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network

A newly discovered botnet malware called KadNap is targeting ASUS routers and other edge networking devices to turn them into proxies for malicious traffic. Since August 2025, KadNap has grown to ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Krebs on Security

Kimwolf Botnet Swamps Anonymity Network I2P

For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed ...
CSOonline

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...
Bleeping Computer

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in 1988, and its ...
ZDNet

Massive 31.4 Tbps DDoS attack breaks records: How the 'apex' of botnets could be weaponizing your home devices

Aisuru smashed previous records with a 31.4 Tbps DDoS attack. It appeared to have focused on telecommunications providers. Seemingly safe and small devices can be weaponized for massive cyberattacks.
Krebs on Security

Who Operates the Badbox 2.0 Botnet?

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2 ...
Fox News

Why your Android TV box may secretly be a part of a botnet

Android TV streaming boxes that promise "everything for one price" are everywhere right now. You'll see them on big retail sites, in influencer videos, and even recommended by friends who swear ...
Infosecurity-magazine.com

GoBruteforcer Botnet Targets Linux Servers

A botnet known as GoBruteforcer has been actively targeting Linux servers exposed to the internet, using large-scale brute-force attacks against common services such as FTP, MySQL, PostgreSQL and ...