The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
SecurityWeek

New ‘SSHStalker’ Linux Botnet Uses Old Techniques

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.
Dark Reading

PumaBot Targets Linux Devices in Latest Botnet Campaign

A novel Go-based Linux botnet, dubbed "PumaBot," has been observed targeting Internet of Things (IoT) devices. PumaBot differentiates itself from typical botnets by remotely retrieving a list of ...
The Hacker News

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

Outlook add-in phishing, Chrome and Apple zero-days, BeyondTrust RCE, cloud botnets, AI-driven threats, ransomware activity, and critical CVEs.
Hosted on MSN

Kimwolf DDoS botnet already grabbed 1.8M devices. What we know

Investigators have already seen that Kimwolf’s C2 domains have been successfully taken down by unknown parties at least three times in Dec, yet the botnet has always returned stronger, a pattern ...