A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

A Mirai botnet has started exploiting CVE-2025-29635, a year-old command injection vulnerability in discontinued D-Link ...

CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.

Old TP-Link router flaw is being abused again The threat actors are building out a botnet named Ballista They are operating ...

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

RondoDox botnet exploits 56 vulnerabilities across 30+ internet-connected device types Its “exploit shotgun” approach is noisy, attracting defenders but compromising diverse hardware Patching devices, ...

Masjesu botnet targets IoT devices globally as a DDoS-for-hire service, deliberately avoiding U.S. military networks to survive.

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.