New FCC router ban could leave home networks less secure

On Monday, the Federal Communications Commission FCC updated its list of insecure equipment, outlining its reasons for adding all consumer-grade routers made outside the US. Effectively, this would stop foreign-made routers from being imported unless their manufacturers obtain an exemption, due t...

DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

The U.S. Department of Justice DoJ on Thursday announced the disruption of command-and-control C2 infrastructure used by several Internet of Things IoT botnets like AISURU, Kimwolf, JackSkid, and Mossad as part of a court-authorized law enforcement operation. The effort also saw authorities from...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million Internet of Things IoT devices, such as routers and web cameras. The feds say the four botnets -- named Aisu...

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department...

Akamai Helps Authorities Disrupt the World’s Largest IoT Botnets

The U.S. DOJ recently disrupted several large and powerful DDoS botnets and shut down their related DDoS-for-hire services with Akamai’s help...

EUVD-2025-21742

Malicious code in bioql PyPI...

Towards Adapting Federated and Quantum Machine Learning for Network Intrusion Detection: a Survey

This survey explores the integration of Federated Learning FL with Network Intrusion Detection Systems NIDS, with particular emphasis on deep learning and quantum machine learning approaches. FL enables collaborative model training across distributed devices while preserving data privacy-a critic...

TL-BOTS

The repository TL-BOTS contains a collection of source code for various botnets. The botnets are categorized into several folders, including TL.BOTNET, TL.EXPLOITSCAN, and TL.IRC. The TL.BOTNET folder contains botnets that may be merged with TL-TROJAN at a later date, while the TL.EXPLOITSCAN...

malSploitBase

This repository contains a collection of exploit code and research related to various malware and crimeware tools. The exploits are categorized into different sections, including Banking, Exploit Pack, and Http Botnets. The Banking section contains exploits for various banking malware, such as...

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Cybersecurity researchers are calling attention to multiple campaigns that are taking advantage of known security vulnerabilities and exposed Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining...

CVE-2025-34129

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

CVE-2025-34129

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

CVE-2025-34130 LILIN DVR Arbitrary File Read via net_html.cgi

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

CVE-2025-34129 LILIN DVR RCE via Malicious FTP/NTP Configuration

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

CVE-2025-34129

CVE-2025-34129 affects LILIN Digital Video Recorder (DVR) devices prior to firmware 2.0b60_20200207. The root cause is insufficient sanitization of the FTP and NTP Server fields in the service configuration, allowing an attacker with access to the configuration interface to upload a malicious XML...

CVE-2025-34129 LILIN DVR RCE via Malicious FTP/NTP Configuration

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

PT-2025-29892 · Lilin · Lilin Digital Video Recorder

Name of the Vulnerable Software and Affected Versions: LILIN Digital Video Recorder DVR versions prior to 2.0b60 20200207 Description: An unauthenticated arbitrary file read issue exists in LILIN Digital Video Recorder DVR devices. This allows attackers to read sensitive configuration files, such...

Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors

Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service DDoS attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. "Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed," Omer Yoachimik and...

Cryptominers’ Anatomy: Shutting Down Mining Botnets

...