Lucene search
K

1843 matches found

Cvelist
Cvelist
added 2026/05/08 12:0 a.m.221 views

CVE-2024-45257

A Command Injection issue in the payload build page in BYOB Build Your Own Botnet 2.0 allows attackers to execute arbitrary commands on the server via a crafted build parameter. This occurs in freeze in core/generators.py...

0.03891EPSS
Exploits3References3
ATTACKERKB
ATTACKERKB
added 2026/05/08 12:0 a.m.7 views

CVE-2024-45257

A Command Injection issue in the payload build page in BYOB Build Your Own Botnet 2.0 allows attackers to execute arbitrary commands on the server via a crafted build parameter. This occurs in freeze in core/generators.py...

7.6AI score0.03891EPSS
Exploits3References5
The Hacker News
The Hacker News
added 2026/05/06 8:21 p.m.13 views

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabsv1 and targets internet-exposed devices running Android Debug Bridge ADB to enlist them in a network capable of carrying out distributed denial-of-service DDoS attacks. Hunt.io, which detailed the...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/04 2:23 p.m.22 views

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to...

9.9CVSS8AI score0.981EPSS
Exploits321
HackRead
HackRead
added 2026/05/01 5:21 p.m.9 views

Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers

A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/01 7:27 a.m.125 views

Exploit for Missing Authentication for Critical Function in Cpanel

🔒 cPanel CVE-2026-41940 / nuclear.x86 Security Audit & Cleanup...

9.8CVSS6AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/04/30 7:1 p.m.157 views

Exploit for CVE-2026-41940

cpanel-cve-2026-41940-fix One-shot detection and remediatio...

9.8CVSS6.2AI score0.981EPSS
Exploits64
Krebs on Security
Krebs on Security
added 2026/04/30 2:4 p.m.13 views

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service DDoS attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm's chief executive...

8.8CVSS8.4AI score0.99999EPSS
Exploits7
The Hacker News
The Hacker News
added 2026/04/21 6:18 p.m.12 views

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

Threat actors associated with The Gentlemen ransomware‑as‑a‑service RaaS operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control C2 or C&C server linked to SystemBC has led to the discover...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/04/17 2:0 p.m.12 views

New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks

Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/16 5:52 p.m.10 views

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control C2 beaconing intervals, rather than persisten...

6.5AI score
Exploits0
Talos Blog
Talos Blog
added 2026/04/16 10:0 a.m.7 views

PowMix botnet targets Czech workforce

Cisco Talos discovered an ongoing malicious campaign, operating since at least December 2025, affecting a broader workforce in the Czech Republic with a previously undocumented botnet we call "PowMix." PowMix employs randomized command-and-control C2 beaconing intervals, rather than persistent...

6.5AI score
Exploits0
HackRead
HackRead
added 2026/04/15 9:58 a.m.12 views

13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds

A new Qrator Labs report reveals that the largest DDoS botnet has grown to 13.5 million devices, and…...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/09 12:57 p.m.10 views

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twic...

8.8CVSS7.5AI score0.96666EPSS
Exploits15
The Hacker News
The Hacker News
added 2026/04/08 4:30 p.m.8 views

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

Cybersecurity researchers have lifted the curtain on a stealthy botnet that's designed for distributed denial-of-service DDoS attacks. Called Masjesu , the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It's capable of targeting a wide range of...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/07 12:46 p.m.11 views

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. "A purpose-built Python scanner continuously sweeps major cloud IP ranges for vulnerable targets,...

10CVSS7.6AI score0.99654EPSS
Exploits469
Trellix
Trellix
added 2026/04/07 12:0 a.m.9 views

Masjesu Rising: The Commercial IoT Botnet Built for Stealth, DDoS, and IoT Evasion

Masjesu Rising: The Commercial IoT Botnet Built for Stealth, DDoS, and IoT Evasion By Mohideen Abdul Khader F · April 7, 2026 Botnet overview The Masjesu botnet, a sophisticated, commercially-run Internet of Things IoT threat, has been operational and evolving since early 2023, continuing into...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.10 views

ML Defender (ARGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations

Ransomware and DDoS attacks disproportionately impact hospitals, schools, and small organizations that cannot afford enterprise security solutions. We present ML Defender aRGus NDR, an open-source network intrusion detection system built in C++20, deployable on commodity hardware at approximately...

5.9AI score
Exploits0
HackRead
HackRead
added 2026/03/25 8:23 p.m.3 views

Mirai Malware Evolves into Hundreds of Variants Driving Botnet Growth

Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/25 11:52 a.m.7 views

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

The U.S. Department of Justice DoJ said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases...

5.8AI score
Exploits0
Rows per page
Query Builder