RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed ...

Kimwolf is the latest reminder that the most dangerous botnets now grow quietly inside everyday consumer electronics.

If you think your router is being used to conduct malicious activity, try using IP Check, which alerts you if your IP address has been observed scanning the internet as part of a botnet or residential ...

QiAnXin XLab published a new report on Kimwolf, an Android-based botnet that primarily targets TVs, set-top boxes, and tablets. At the moment, it infected roughly 1.8 million devices, mostly in Brazil ...

Hyper-volumetric IoT botnets have become a primary operational risk and new rules are required to maintain enterprise resilience. Cloudflare data from the third quarter of 2025 indicates that the ...

Android devices have been compromised by a backdoor bot. Update, March 7, 2025: This story, originally published March 6, has been updated with a statement from Google’s director of Android security ...

A second iteration of the BadBox botnet that affected over one million Android devices has been partially disrupted. A second iteration of the BadBox botnet has been partially disrupted after ...

Vo1d is a long-known botnet that infects Android TV devices, and security experts from XLab have now discovered a new variant that’s said to have infected over 1.6 million Android TV devices around ...