China-nexus cyber actors' are turning routers and IoT infrastructure into covert botnets 'at scale' – NCSC, Five Eyes, and others warn of campaign involving Typhoo…

Earlier this week, security agencies from 10 countries, including the NSA, DOJ, NCSC, and others, published a new paper ...

China disguises cyberattacks with ‘covert network’ botnets, US and allies warn

Hackers working for the Chinese government are increasingly hiding their attacks behind ready-made networks of hacked routers ...
Hoodline

Bay Area Home Routers Targeted as China-Linked Hackers Build Stealth Cyber Army

International cyber agencies are sounding the alarm that China-nexus hackers have quietly pivoted to a new playbook, turning ...

15 Cyber Agencies Issue Joint Warning on China-Linked Covert Botnet Threat

China-linked actors hide attacks behind botnets of compromised home devices. Cyber defense grows more complex.

This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked

Old TP-Link router flaw is being abused again The threat actors are building out a botnet named Ballista They are operating ...
SecurityWeek

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

A Mirai botnet has started exploiting CVE-2025-29635, a year-old command injection vulnerability in discontinued D-Link ...

Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn

A majority of China-linked threat actors are using compromised routers and IoT devices worldwide, turning this gear into proxy networks to carry out further intrusions, steal sensitive data, and ...
CSOonline

New Mirai botnet targets industrial routers

The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices. Experts from VulnCheck reported at the end of December that a vulnerability in Four-Faith industrial ...
Bleeping Computer

Police dismantles botnet selling hacked routers as residential proxies

Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. The U.S.

New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...
Android

ASUS Router Alert: Thousands Hacked to Form Massive Botnet

Thousands of ASUS routers have been hacked to form a major botnet, exploiting vulnerabilities including CVE-2023-39780. Attackers installed persistent backdoors, making detection difficult. Users are ...