Dark Reading

GoBruteforcer Botnet Targets 50K-plus Linux Servers

Researchers detailed a souped-up version of the GoBruteforcer botnet that preys on servers with weak credentials and ...
Cryptopolitan on MSN

Botnet exploits weak passwords to breach crypto and blockchain servers

Cryptocurrency and blockchain project databases with weak credentials and AI-generated are being hacked through deployment ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
The Hacker News

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

GoBruteforcer malware uses weak passwords and exposed services to build a botnet targeting crypto projects, Linux servers, ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
Krebs on Security

Oregon Man Charged in ‘Rapper Bot’ DDoS Service

A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets — ...
ZDNet

Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene

A new botnet is targeting routers, Internet of Things (IoT) devices, and an array of server architectures. Simple steps can make the difference between losing your online accounts or maintaining what ...