Palo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet.

XMRogue would let defenders submit invalid mining job results from infected computers to get a proxy server banned from the ...

Five months after sanction Zservers, the U.S. Treasury Department targeted Aeza Group, another Russia-based bulletproof hosting services provider for allowing threat actors to host ransomware and ...

Threat actors leverage exposed JDWP interfaces for code execution and cryptocurrency mining, with global scanning activity ...

Quoting Kelling: "Our infrastructure has been under attack since August 2024. Large Language Model (LLM) web crawlers have ...

The vulnerability in question, tracked as CVE-2025-24016 (9.9), is a remote code execution (RCE) issue affecting open source XDR and SIEM solution Wazuh, which is used by more than 100,000 enterprises ...

A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them. The flaw, tracked under CVE ...

The botnet evolved to bypass many of the countermeasures deployed against it, signaling a dangerous new phase in IoT-focused cybercrime. BadBox 2.0, the latest iteration of the botnet, has proven ...

The second Mirai botnet exploiting the Wazuh flaw has been dubbed Resbot or Resentual and uses C2 domains that contain Italian words. This botnet also includes exploits for known vulnerabilities ...

The Stop Killing Games EU petition has surpassed 1 million signatures, but the campaign's founder Ross Scott warns more will ...

The FBI is warning that your TV streaming box or other smart devices could be infected with BADBOX 2.0 malware, turning them ...

Cybersecurity firm GreyNoise uncovere d the botnet using its AI-powered monitoring platform. The firm described the threat actors as sophisticated and well-resourced, though no attribution has ...