KadNap botnet infects 14,000+ routers using DHT-based P2P control while ClipXDaemon hijacks crypto wallets on Linux X11.

Researchers detail Aeternum C2 storing botnet commands on Polygon blockchain, while DSLRoot operates 300 residential proxy ...

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in 1988, and its ...

A newly identified botnet loader is shifting command-and-control (C2) operations onto the Polygon blockchain, eliminating the ...

Aeternum C2, a native C++ botnet loader, operates on smart contracts on the Polygon blockchain, increasing its resilience.

For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed ...

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...

AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity. Researchers at cybersecurity company ...

SSHStalker uses IRC channels and multiple bots to control infected Linux hosts Automated SSH brute-forcing rapidly spreads the botnet through cloud server infrastructures Compilers are downloaded ...

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world’s largest and most disruptive botnet. Since then, the ...

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods. The C++-based threat, also ...