CSOonline

Mirai-based NoaBot botnet deploys cryptominer on Linux servers

A new botnet has been slowly growing over the past year by brute-forcing SSH logins and deploying cryptomining malware on Linux servers. The main bot client is based on the old Mirai worm whose source ...
The Hacker News

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.
Bleeping Computer

New Mirai botnet infect TBK DVR devices via command injection flaw

A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them. The flaw, tracked under ...
Ars Technica

Linux devices are under attack by a never-before-seen worm

For the past year, previously unknown self-replicating malware has been compromising Linux devices around the world and installing cryptomining malware that takes unusual steps to conceal its inner ...
Dark Reading

Mirai Variant Opens Tenda, Zyxel Gear to RCE, DDoS

A variant of the Mirai botnet is leveraging four different device vulnerabilities to add popular Linux-based servers and Internet of things (IoT) gear to botnets that can conduct network-based attacks ...
Dark Reading

Mirai Botnets Exploit Flaw in Wazuh Security Platform

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...