More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Law enforcement agencies have scored a major win against the world’s most predatory botnet operations, dismantling the infrastructure of four major networks responsible for some of the most aggressive ...

The ides of security March are upon us — Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and Kubernetes as an ...

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department. The collection of millions of ...

A global coalition of law enforcement agencies shut down a botnet made of tens of thousands of hacked home and small business routers on Wednesday. The operation targeted SocksEscort, which offered ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed ...

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in 1988, and its ...

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2 ...

A botnet known as GoBruteforcer has been actively targeting Linux servers exposed to the internet, using large-scale brute-force attacks against common services such as FTP, MySQL, PostgreSQL and ...

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...