KadNap Botnet Turns ASUS Routers into Cybercrime Proxies
Cybersecurity researchers have uncovered a growing KadNap botnet that hijacks ASUS routers and other edge networking devices to power a large proxy network used in cybercrime. The malware quietly infects vulnerable devices and converts them into traffic relays that attackers can rent or use to conceal malicious activity. The campaign demonstrates how home and small-business networking hardware can become valuable
KimWolF Android Botnet Targets Networks via Residential Proxies
Android devices increasingly play a role far beyond personal communication, and the KimWolF Android botnet highlights how attackers now weaponize that reality. Instead of relying on traditional external attacks, this campaign abuses residential proxy infrastructure to blend malicious activity into everyday network traffic. By compromising Android devices that appear to belong to ordinary households, attackers gain access to networks that
RondoDox XWiki exploit Drives New Wave of Botnet Attacks
A RondoDox XWiki exploit fuels a new surge in botnet activity as threat actors target unpatched servers exposed to the internet. Security researchers observed fresh exploitation waves throughout November, and the campaign highlights how delayed patching creates real opportunities for attackers. The flaw at the center of the incident affects the SolrSearch endpoint in older XWiki versions and enables remote
Google Sues Badbox 2.0 Operators Behind 10 Million Device Botnet
Google sues Badbox 2.0 operators in a sweeping legal move to disrupt one of the largest Android botnets ever recorded. The tech giant’s lawsuit targets anonymous actors responsible for distributing malware through uncertified Android devices, primarily cheap TV streaming boxes. Over 10 million devices worldwide have been compromised. Filed in the Southern District of New York, the case aims to
BADBOX 2.0: How Your TV Could Be a Botnet Node
Imagine buying a brand-new smart TV or streaming box, still sealed in its packaging. Only to find out later that it was already compromised by hackers before it ever reached your hands. That’s the chilling reality behind BADBOX 2.0, a global botnet campaign that has turned over a million consumer devices into unwitting cyber weapons. The FBI is sounding the
PumaBot Botnet Compromises Linux IoT Devices
A newly discovered botnet called PumaBot is making rounds in the cybersecurity world. Designed to infiltrate Linux-based systems, this malware takes a focused and stealthy approach, specifically targeting Internet of Things (IoT) devices and surveillance systems through brute-force SSH attacks. Here’s a closer look at how PumaBot operates, what sets it apart from other botnets, and how you can protect
AyySSHush Botnet Hacks ASUS Routers to Add SSH Backdoor
The newly discovered AyySSHush botnet campaign has silently compromised over 9,000 ASUS routers, installing a persistent SSH backdoor using a series of sophisticated and stealthy techniques. The campaign highlights a growing threat to home and small office routers, leveraging legitimate features to maintain control, all without deploying traditional malware. Security researchers at GreyNoise uncovered the campaign in mid-March 2025, but
