The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
Bleeping Computer

MikroTik botnet uses misconfigured SPF DNS records to spread malware

A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. The ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
Bleeping Computer

New botnet exploits vulnerabilities in NVRs, TP-Link routers

A new Mirai-based botnetis actively exploiting a remote code execution vulnerability that has not received a tracker number and appears to be unpatched in DigiEver DS-2105 Pro NVRs. The campaign ...
Dark Reading

Mirai Botnets Exploit Flaw in Wazuh Security Platform

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...