10 articles tagged with "Iot"
Canadian authorities arrest 23-year-old Jacob Butler for operating the KimWolf IoT botnet. The DDoS-for-hire operation enslaved nearly 2 million devices and set volumetric attack records.
Hunt.io uncovers xlabs_v1, a Mirai-based botnet exploiting Android Debug Bridge on port 5555 to conscript IoT devices into a DDoS-for-hire service targeting game servers.
Masjesu botnet, marketed via Telegram, exploits 12 vulnerabilities to conscript routers and IoT devices for DDoS attacks. Nearly 50% of traffic originates from Vietnam.
Akamai detects active exploitation of CVE-2025-29635 in discontinued D-Link DIR-823X routers. The tuxnokill variant spreads via command injection and launches DDoS attacks from compromised devices.
Critical CVSS 9.8 command injection vulnerability in Totolink A7100RU routers enables unauthenticated remote code execution. Public exploit available, no patch released.
Critical CVE-2025-15517 allows attackers to bypass authentication on TP-Link Archer NX routers, upload malicious firmware, and modify configurations without credentials.
Budget Android TV boxes and tablets ship with backdoors from the factory, turning home networks into criminal infrastructure for ad fraud and proxy services.
CVE-2025-14346 allows attackers within Bluetooth range to fully control electric wheelchairs without authentication, earning a CVSS 9.8 severity score.
CVE-2025-66398 lets unauthenticated attackers achieve code execution on boat navigation servers. CVSS 9.6 vulnerability affects all versions before 2.19.0.
Massive Android botnet targets set-top boxes and tablets, issued 1.7 billion attack commands in 3 days, briefly surpassing Google in DNS rankings.