The Hacker News

⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More

This week’s recap unpacks how evolving exploits, malware frameworks, and cloud missteps are reshaping modern cyber defense ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

The threat actors behind the RondoDox botnet are among the latest attackers to take advantage of the React2Shell flaw, weaponizing the vulnerability as an initial access vector to deploy other ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers. The targeted security defect, tracked as CVE-2025-55182, impacts systems relying on ...
GitHub

Pricing changes for GitHub Actions

TLDR: We’re postponing the announced billing change for self-hosted GitHub Actions to take time to re-evaluate our approach. We are continuing to reduce hosted-runners prices by up to 39% on January 1 ...
Dark Reading

'Broadside' Mirai Variant Targets Maritime Logistics Sector

Yet another variant of the Mirai botnet is threatening the maritime logistics sector by exploiting a critical flaw in digital recording devices used by companies on seagoing vessels. The attacks allow ...
Forbes

Millions Of Androids Hijacked By Botnets—Click Here To Check Yours

Attacks on smart devices at home have “exploded” in the past year, turning your innocent looking tech into “exit points for other people’s traffic.” You won’t know until it’s too late. “Your internet ...
techworm.net

ShadowV2 Botnet Used AWS Outage As A Quiet Test Run, Researchers Say

Security researchers at Fortinet’s FortiGuard Labs have identified a new Mirai-based botnet called ShadowV2 that quietly emerged during the major AWS outage in October, targeting vulnerable IoT ...
Ars Technica

Massive Cloudflare outage was triggered by file that suddenly doubled in size

When a Cloudflare outage disrupted large numbers of websites and online services yesterday, the company initially thought it was hit by a “hyper-scale” DDoS (distributed denial-of-service) attack. “I ...
TechRepublic

Microsoft Azure Fends Off ‘Largest DDoS Attack Ever Observed in the Cloud’

Microsoft Azure Fends Off ‘Largest DDoS Attack Ever Observed in the Cloud’ Your email has been sent Microsoft confirmed that Azure blocked a denial-of-service attack that involved more than 500,000 IP ...
Network World

Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower

Microsoft says the attack, sourced from more than 500,000 compromised IPs, exposes deep weaknesses in home IoT and raises questions about enterprise DDoS readiness. Azure has blocked its largest DDoS ...
TechCrunch

Police take down three cybercrime operations in latest round of ‘whack-a-mole’

An international coalition of law enforcement agencies coordinated by Europol targeted and took down three cybercrime operations in its latest round of what authorities call “Operation Endgame.” In a ...
Bleeping Computer

Massive multi-country botnet targets RDP services in the US

A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. The campaign started on October 8 and based on the source of the IPs, ...