The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.
Krebs on Security

The Kimwolf Botnet is Stalking Your Local Network

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a ...
Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
PC Magazine

5 Cybersecurity Disasters You Missed This Week: Airport Wi-Fi Hacks, Botnets, Spyware Extensions, and More

From record-breaking DDoS attacks to millions infected by malicious extensions, this week delivered some of the most alarming cyber incidents of the year. I've been writing and editing stories for ...
techworm.net

ShadowV2 Botnet Used AWS Outage As A Quiet Test Run, Researchers Say

Security researchers at Fortinet’s FortiGuard Labs have identified a new Mirai-based botnet called ShadowV2 that quietly emerged during the major AWS outage in October, targeting vulnerable IoT ...
Ars Technica

Massive Cloudflare outage was triggered by file that suddenly doubled in size

When a Cloudflare outage disrupted large numbers of websites and online services yesterday, the company initially thought it was hit by a “hyper-scale” DDoS (distributed denial-of-service) attack. “I ...
TechRepublic

Microsoft Azure Fends Off ‘Largest DDoS Attack Ever Observed in the Cloud’

Microsoft Azure Fends Off ‘Largest DDoS Attack Ever Observed in the Cloud’ Your email has been sent Microsoft confirmed that Azure blocked a denial-of-service attack that involved more than 500,000 IP ...
Network World

Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower

Microsoft says the attack, sourced from more than 500,000 compromised IPs, exposes deep weaknesses in home IoT and raises questions about enterprise DDoS readiness. Azure has blocked its largest DDoS ...
Krebs on Security

Cloudflare Scrubs Aisuru Botnet from Top Domains List

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested ...
SecurityWeek

TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks

A new class of Mirai-based DDoS botnets have been launching massive attacks, but their inability to spoof traffic enables device remediation. An emerging IoT botnet has been observed launching ...
Dark Reading

RondoDox Botnet: an 'Exploit Shotgun' for Edge Vulns

A new botnet is exploiting dozens of known vulnerabilities in hard-to-patch edge devices. "RondoDox" is characteristically unlike most botnets, researchers from Trend Micro said in a report on ...