The Hacker News

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

GoBruteforcer malware uses weak passwords and exposed services to build a botnet targeting crypto projects, Linux servers, ...

New GoBruteforcer attack wave targets crypto, blockchain projects

A new wave of GoBruteforcer botnet malware attacks is targeting databases of cryptocurrency and blockchain projects on ...
Infosecurity Magazine

GoBruteforcer Botnet Targets Linux Servers

A botnet known as GoBruteforcer has been actively targeting Linux servers exposed to the internet, using large-scale ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
SecurityWeek

Kimwolf Android Botnet Grows Through Residential Proxy Networks

The Kimwolf botnet has ensnared over 2 million Android devices, mainly exploiting an exposed ADB service through residential ...
The Hacker News

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

Kimwolf is an Android botnet that infected 2M+ devices via exposed ADB, using proxy networks to run DDoS attacks and sell ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Dark Reading

Mylobot Botnet & Khalesi Malware Deliver One-Two Security Punch

Mylobot, a recently discovered botnet that can elude antivirus software and sandboxes, is now able to deliver Khalesi information stealer malware on infected machines as part of a secondary attack, ...
TechRepublic

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

The Androxgh0st malware botnet is used for victim identification and exploitation in targeted networks, as well as credentials collection. Read the FBI/CISA's tips for protecting against this malware ...