Palo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet.

XMRogue would let defenders submit invalid mining job results from infected computers to get a proxy server banned from the ...

Threat actors leverage exposed JDWP interfaces for code execution and cryptocurrency mining, with global scanning activity ...

The vulnerability in question, tracked as CVE-2025-24016 (9.9), is a remote code execution (RCE) issue affecting open source XDR and SIEM solution Wazuh, which is used by more than 100,000 enterprises ...

A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them. The flaw, tracked under CVE ...

The botnet evolved to bypass many of the countermeasures deployed against it, signaling a dangerous new phase in IoT-focused cybercrime. BadBox 2.0, the latest iteration of the botnet, has proven ...

The second Mirai botnet exploiting the Wazuh flaw has been dubbed Resbot or Resentual and uses C2 domains that contain Italian words. This botnet also includes exploits for known vulnerabilities ...

The FBI is warning that your TV streaming box or other smart devices could be infected with BADBOX 2.0 malware, turning them ...

Cybersecurity firm GreyNoise uncovere d the botnet using its AI-powered monitoring platform. The firm described the threat actors as sophisticated and well-resourced, though no attribution has ...

The first of the two approaches, dubbed bad shares, entails banning the mining proxy from the network, which, in turn, ...

If you are using TBK DVR-4104, DVR-4216, or any digital video recording device that uses these instances as its basis, you might want to keep an eye on your hardware because it’s being actively hunted ...

The 7.3Tbps attack amounted to 37.4 terabytes of junk traffic that hit the target in just 45 seconds. That's an almost ...