Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...
Krebs on Security

Tag Archives: Kimwolf botnet

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a ...
Bleeping Computer

Kimwolf Android botnet abuses residential proxies to infect internal devices

The Kimwolf botnet, an Android variant of the Aisuru malware, has grown to more than two million hosts, most of them infected by exploiting vulnerabilities in residential proxy networks to target ...
Krebs on Security

Who Benefited from the Aisuru and Kimwolf Botnets?

Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes.
Hosted on MSN

Botnet exploits weak passwords to breach crypto and blockchain servers

Cryptocurrency and blockchain project databases with weak credentials and AI-generated are being hacked through deployment patterns picked up by botnets, according to new research from Check Point. A ...