Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
Krebs on Security

Who Operates the Badbox 2.0 Botnet?

The FBI said Badbox 2.0 was discovered after the original Badbox campaign was disrupted in 2024. The original Badbox was ...
Bleeping Computer

RondoDox botnet malware now hacks servers using XWiki flaw

The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S. Cybersecurity and Information Security ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...
Hosted on MSN

A massive new DDoS botnet has already snared 1.8 million devices - here's what we know about Kimwolf

Kimwolf, an Android botnet with 1.8 million infected devices, is rapidly evolving using ENS for resilience Its code and infrastructure overlap with AISURU, indicating both belong to the same threat ...
Dark Reading

Botnets Step Up Cloud Attacks Via Flaws, Misconfigurations

A series of known and powerful botnets are ramping up attacks against Web-exposed assets such as PHP servers, Internet of Things (IoT) devices, and cloud gateways to gain control over network ...