Dutch coppers have pulled the plug on the Grum botnet just a week after the servers were identified by malware intelligence firm FireEye. The speedy removal of the servers shines light on how quickly ...

A newly identified botnet loader is shifting command-and-control (C2) operations onto the Polygon blockchain, eliminating the ...

Researchers detail Aeternum C2 storing botnet commands on Polygon blockchain, while DSLRoot operates 300 residential proxy ...

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. According to Cado ...

Kimwolf is a botnet that surfaced in late 2025 and quickly infected millions of systems, turning poorly secured IoT devices like TV streaming boxes, digital picture frames and routers into relays for ...

Hackers resurrect 90s IRC tricks with SSHStalker, using old exploits to quietly compromise thousands of Linux servers ...

A Linux-based botnet is alive and well, powering cryptocurrency theft and financial scams years after the imprisonment of one the key perpetrators behind it. The Ebury botnet — which was first ...

A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. The ...

A number of botnets are pummeling a nearly year-old command-injection vulnerability in TP-Link routers to compromise the devices for IoT-driven distributed denial of service (DDoS) attacks. There ...