This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A new IoT botnet that exploits a remote code ...

The operators behind the highly adaptable RondoDox botnet campaign that kicked off in late March have proven to be ready to embrace the latest attack trends. Most recently, in December they began ...

A global Internet of Things (IoT) botnet campaign, dubbed "Ballista," has been targeting unpatched TP-Link routers since the beginning of 2025. The botnet exploits a remote code execution ...

Cato Networksは3月11日(現地時間)、「Cato CTRL: Ballista - New IoT Botnet Targeting Thousands of TP-Link Archer Routers｜Cato Networks」において、TP-Link製ルータを標的とする新しいボットネット「Ballista」を発見したと報じた。

Thousands of ASUS routers have been hacked to form a major botnet, exploiting vulnerabilities including CVE-2023-39780. Attackers installed persistent backdoors, making detection difficult. Users are ...

Fortinetは6月20日(米国時間)、「Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389｜FortiGuard Labs」において、脆弱性を持つルータを悪用して拡散している分散型サービス拒否攻撃(DDoS: Distributed Denial of Service attack)型ボットキャンペーンについて伝えた。TP-Link ...

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. The U.S.