P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. According to Cado ...
PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...
The DDoS-capable Masjesu botnet focuses on evasion and persistence, but targets a broad range of IoT devices to spread.
A Linux-based botnet is alive and well, powering cryptocurrency theft and financial scams years after the imprisonment of one of the key perpetrators behind it. The Ebury botnet — which was first ...
A new report out today from Fortinet Inc.’s FortiGuard Labs details the activities of two different botnets observed through October and November that are being spread through vulnerabilities in ...
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. The ...
Masjesu botnet drives global DDoS attacks since 2023, with nearly 50% traffic from Vietnam, threatening enterprises and IoT ...
Dutch coppers have pulled the plug on the Grum botnet just a week after the servers were identified by malware intelligence firm FireEye. The speedy removal of the servers shines light on how quickly ...
A new botnet has been slowly growing over the past year by brute-forcing SSH logins and deploying cryptomining malware on Linux servers. The main bot client is based on the old Mirai worm whose source ...
A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...