All CosmicBytez Labs articles tagged #Botnet, across news, security advisories, how-to guides, and projects.
Trend Micro researchers discovered a Russian-speaking threat actor named 'bandcampro' who jailbroke Google's open-source Gemini CLI to operate an 8-machine botnet inside a dental clinic, including autonomously migrating C2 infrastructure in just 6 minutes.
This week's threat roundup covers residential proxy botnets hiding in streaming boxes, browser-based ransomware campaigns, AI agent abuse techniques, and...
Google's Threat Intelligence Group and the FBI have dismantled NetNut, a residential proxy network built on 2 million compromised Android smart TVs and...
Working alongside the FBI and Lumen Technologies, Google's Threat Intelligence Group has significantly degraded NetNut — one of the largest networks that...
Researchers at QiAnXin's XLab have identified AryStinger, a novel malware targeting end-of-life D-Link routers and QNAP NAS devices to build a distributed...
A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated D-Link routers, converting them into malicious proxy...
In a major Operation Endgame action, law enforcement and private partners seized 106 SocGholish command-and-control servers and domains, with...
International law enforcement cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish...
Security researchers have traced the sprawling Popa Android botnet — which enslaved millions of consumer TV boxes for ad fraud and data scraping — to a...
An AI-generated ransomware toolkit automates EDR evasion; Windows Netlogon RCE is actively exploited on domain controllers; the Miasma campaign hits Red Hat…
Dutch authorities seized command-and-control servers tied to a botnet of 17 million infected computers, smartphones, and tablets that was allegedly used to…
DDoS attacks are increasingly sold as subscription services with pricing tiers, reseller programs, and customer support. Flare's analysis reveals how the…
Dutch authorities took offline a massive botnet of 17 million infected devices and seized more than 200 servers from a local hosting provider that...
CrowdStrike, Google, and Shadowserver dismantled the Glassworm botnet, stripping operators of infrastructure used to inject malware into OSS packages.
Canadian authorities arrested a 23-year-old Ottawa man suspected of building and operating Kimwolf, an IoT botnet that enslaved millions of devices for...
Jacob Butler, a Canadian national, has been arrested and charged in the United States and Canada for running the KimWolf DDoS-for-hire botnet, which...
U.S. and Canadian authorities arrested and charged a Canadian man with operating the Kimwolf DDoS botnet, which infected nearly two million devices...
Russia's Turla APT has transformed its long-running Kazuar backdoor into a modular peer-to-peer botnet architecture engineered for stealth and deep...
Secret Blizzard, a Russian state-sponsored threat group, has evolved its long-running Kazuar backdoor into a sophisticated modular peer-to-peer botnet...
CISA has added four actively exploited vulnerabilities affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers to its Known...
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability in end-of-life D-Link DIR-823X...
Researchers have discovered a SystemBC proxy botnet of over 1,570 compromised hosts linked to Gentlemen ransomware operations. The gang's affiliate is...
Threat actors are deploying the Nexcorium Mirai botnet variant by exploiting CVE-2024-3721 in TBK DVR devices and targeting end-of-life TP-Link Wi-Fi...
This week's ThreatsDay Bulletin from The Hacker News covers 20 active threats including a hybrid P2P DDoS botnet, a 13-year-old Apache ActiveMQ RCE flaw...
A joint operation by the US Department of Justice, Canada, and Germany has dismantled the infrastructure behind four highly disruptive IoT botnets that...
Ilya Angelov, co-leader of the TA551/Mario Kart cybercrime group, was sentenced to two years in prison for operating a phishing botnet that sent 700,000...
The U.S. Department of Justice, in coordination with Germany and Canada, has dismantled the C2 infrastructure of four major IoT botnets — AISURU, Kimwolf,...
Security researchers discover a new Linux botnet named SSHStalker that leverages the legacy IRC protocol for C2 operations, marking a return to old-school...
IoT botnet Kimwolf launches sustained attack against The Invisible Internet Project (I2P), disrupting the encrypted, decentralized communications network...
Cloudflare discloses the largest publicly reported DDoS attack to date, peaking at 31.4 Tbps during 'The Night Before Christmas' campaign attributed to...