Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
Bleeping Computer

RondoDox botnet malware now hacks servers using XWiki flaw

The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S. Cybersecurity and Information Security ...
Hosted on MSN

A massive new DDoS botnet has already snared 1.8 million devices - here's what we know about Kimwolf

Kimwolf, an Android botnet with 1.8 million infected devices, is rapidly evolving using ENS for resilience Its code and infrastructure overlap with AISURU, indicating both belong to the same threat ...
Krebs on Security

Who Benefited from the Aisuru and Kimwolf Botnets?

Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes.
Krebs on Security

Cloudflare Scrubs Aisuru Botnet from Top Domains List

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested ...