A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in 1988, and its ...
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain ...
Kimwolf is the latest reminder that the most dangerous botnets now grow quietly inside everyday consumer electronics. Security researchers say the Android-based network has already roped in roughly ...
CrowdStrike, Google, and Shadowserver jointly dismantled the Glassworm botnet on May 26, 2026, by disrupting all four of its resilient C2 channels simultaneously Active since early 2025, Glassworm ...
Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes.
A novel Go-based Linux botnet, dubbed "PumaBot," has been observed targeting Internet of Things (IoT) devices. PumaBot differentiates itself from typical botnets by remotely retrieving a list of ...
A stealthy Linux malware called AVrecon has been infecting over 70,000 small office/home office (SOHO) routers, creating a botnet primarily aimed at stealing bandwidth and operating as a hidden ...
A newly identified botnet loader is shifting command-and-control (C2) operations onto the Polygon blockchain, eliminating the central servers that authorities and security firms have historically ...
A number of botnets are pummeling a nearly year-old command-injection vulnerability in TP-Link routers to compromise the devices for IoT-driven distributed denial of service (DDoS) attacks. There ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results