Botnet is a attack_type tracked across 50 threat clusters and 326 intelligence report mentions on ThreatCluster. First observed October 23, 2025; most recent activity July 16, 2026.
The RondoDox botnet is exploiting the React2Shell vulnerability (CVE-2025-55182) to infect vulnerable .js servers with malware and cryptominers. This ongoing campaign has been active for nine months, primarily targeting…
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The…
On June 18, 2026, international law enforcement agencies launched Operation Endgame, disrupting the SocGholish malware infrastructure linked to the Russian cybercrime group Evil Corp. The operation resulted in the…
On April 24, 2026, CISA added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog. The affected products include SimpleHelp remote management software, Samsung MagicINFO 9 Server, and…
In a recent speech, Anne Keast-Butler, head of GCHQ, warned that Russia is engaging in daily hybrid warfare against the UK, targeting critical infrastructure, democratic processes, supply chains, and public trust. She…
Since the onset of the Iran war, cybercrime has surged by 245%, as reported by Akamai. The banking and fintech sectors are the most affected, accounting for 40% of the malicious traffic, followed by e-commerce (25%) and…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a new guide titled 'Adapting Zero Trust Principles to Operational Technology' to assist organizations in implementing zero trust…
On July 3, 2026, Google, in coordination with the FBI and other partners, disrupted the NetNut residential proxy network, also known as the Popa botnet. This operation targeted over 2 million compromised consumer…
The Russian state-sponsored group Sandworm has intensified its cyber operations against industrial and critical infrastructure, utilizing pre-compromised operational technology (OT) environments instead of zero-day…
Chinese operatives have revived the KV-botnet, a covert data transfer network previously dismantled by the FBI in January 2024. The botnet, which primarily exploits vulnerable routers and IoT devices, has seen a…