Tag: router
-
Record-breaking DDoS attack against Microsoft Azure mitigated
The attack was linked to the Aisuru botnet, which targets compromised home routers and cameras. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/record-ddos-attack-microsoft-azure/805886/
-
New WrtHug campaign hijacks thousands of endlife ASUS routers
Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits six vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-wrthug-campaign-hijacks-thousands-of-end-of-life-asus-routers/
-
Asus Routers Hacked in ‘WrtHug’ Campaign
Researchers Suspect a Chinese ROB-Building Operation. Suspected Chinese cyberespionage hackers have commandeered tens of thousands of Asus routers in an operation showing a heavy emphasis on infecting devices stationed in Taiwan. The campaign tracks with reports that Beijing is actively pressing unpatched routers into ORB networks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/asus-routers-hacked-in-wrthug-campaign-a-30064
-
WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network.The router hijacking activity has been codenamed Operation WrtHug by SecurityScorecard’s STRIKE team. Southeast Asia and European countries are some of the other regions where…
-
China-aligned threat actor is conducting widespread cyberespionage campaigns
The threat group PlushDaemon uses routers and other network device implants to redirect domain name system (DNS) queries to malicious external servers which take over updates to unleash tools used for cyberespionage. First seen on therecord.media Jump to article: therecord.media/china-aligned-threat-actor-espionage-network-devices
-
China-aligned threat actor is conducting widespread cyberespionage campaigns
The threat group PlushDaemon uses routers and other network device implants to redirect domain name system (DNS) queries to malicious external servers which take over updates to unleash tools used for cyberespionage. First seen on therecord.media Jump to article: therecord.media/china-aligned-threat-actor-espionage-network-devices
-
China-Linked Operation “WrtHug” Hijacks Thousands of ASUS Routers
SecurityScorecard has revealed a new Chinese campaign targeting thousands of ASUS routers globally First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinal-operation-wrthug-thousands/
-
Tens of thousands more ASUS routers pwned by suspected, evolving China operation
Researchers say attacks are laying the groundwork for stealthy espionage activity First seen on theregister.com Jump to article: www.theregister.com/2025/11/19/thousands_more_asus_routers_pwned/
-
Cloud Break: IoT Devices Open to Silent Takeover Via Firewalls
IoT devices can be compromised, thanks to gaps in cloud management interfaces for firewalls and routers, even if they’re protected by security software or not online. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/cloud-iot-devices-takeover-firewalls
-
Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower
Mitigation strategies: Prabhu said CISOs should now test whether their control planes can withstand attacks above 15 Tbps, how to contain cloud cost spikes triggered by auto-scaling during an incident, and how to keep critical services running if defenses are overwhelmed. “CISOs can stress test these benchmarks through DDoS simulations and evaluation of CSP infrastructure…
-
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely
ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE-2025-59367 (CVSS score of 9.3), in multiple DSL routers that allows remote, unauthenticated attackers to easily access unpatched devices. The vulnerability impacts DSL-AC51, DSL-N16, DSL-AC750 router families, the…
-
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/asus-warns-of-critical-auth-bypass-flaw-in-dsl-series-routers/
-
EOL-Software gefährdet Unternehmenssicherheit
Geräte mit End-of-Life-Software (EOL) stellen nach wie vor ein weit verbreitetes Sicherheitsproblem in Unternehmen dar.Laut einer Studie von Palo Alto Networks laufen 26 Prozent der Linux-Systeme und acht Prozent der Windows-Systeme mit veralteten Versionen. Die Ergebnisse basieren auf Telemetriedaten von 27 Millionen Geräten in den Netzwerken von 1.800 Unternehmen.Die Analyse offenbart zudem, dass 39 Prozent…
-
Wi-Fi Beamforming Tech Can Identify Individuals by Gait
Pedestrians Uniquely Refract Directional Radio Signals. The way you use your walk – specifically when striding through a Wi-Fi field shaped by directional antennae – can reveal who you are, found researchers who investigated the surveillance potential of wireless routers. Every router is a potential surveillance device, say researchers. First seen on govinfosecurity.com Jump to…
-
Vernetzte Haushalte sind leichte Beute für Cyberkriminelle
Der Durchschnittshaushalt wird 29-mal am Tag über das Internet der Dinge angegriffen. Die Anzahl der vernetzten Geräte pro Haushalt steigt auf 22. Smart-TVs, Streaming-Boxen, Router und Kameras das Internet-of-Things-Ökosystem (IoT) in Haushalten wächst. Mit ihm nimmt auch die Gefahr dramatisch zu, dass Verbraucher Opfer von Cyberangriffen werden. Angreifer nutzen verstärkt Automatisierung, unsichere Firmware… First seen…
-
Vernetzte Haushalte sind leichte Beute für Cyberkriminelle
Der Durchschnittshaushalt wird 29-mal am Tag über das Internet der Dinge angegriffen. Die Anzahl der vernetzten Geräte pro Haushalt steigt auf 22. Smart-TVs, Streaming-Boxen, Router und Kameras das Internet-of-Things-Ökosystem (IoT) in Haushalten wächst. Mit ihm nimmt auch die Gefahr dramatisch zu, dass Verbraucher Opfer von Cyberangriffen werden. Angreifer nutzen verstärkt Automatisierung, unsichere Firmware… First seen…
-
Critical UniFi OS Flaw Enables Remote Code Execution
Tags: bug-bounty, control, credentials, cve, cyber, flaw, remote-code-execution, risk, router, vulnerabilitySecurity researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devices without requiring any credentials or user interaction, posing significant risks to organizations using UniFi Dream Machine routers…
-
Critical UniFi OS Flaw Enables Remote Code Execution
Tags: bug-bounty, control, credentials, cve, cyber, flaw, remote-code-execution, risk, router, vulnerabilitySecurity researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devices without requiring any credentials or user interaction, posing significant risks to organizations using UniFi Dream Machine routers…
-
Cyberbedrohungen in vernetzten Haushalten haben sich im letzten Jahr verdreifacht
Smart-TVs, Streaming-Boxen, Router und Kameras das Internet-of-Things-Ökosystem (IoT) in Haushalten wächst. Mit ihm nimmt auch die Gefahr dramatisch zu, dass Verbraucher Opfer von Cyberangriffen werden. Angreifer nutzen verstärkt Automatisierung, unsichere Firmware und veraltete Geräte, um digitale Haushalte in großem Umfang zu kompromittieren. Zu diesem Schluss kommen Bitdefender und Netgear im aktuellen ‘2025 IoT Security […]…
-
Australia warns of BadCandy infections on unpatched Cisco devices
The Australian government is warning about ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/australia-warns-of-badcandy-infections-on-unpatched-cisco-devices/
-
Typo hackers sneak cross-platform credential stealer into 10 npm packages
Payload for IP fingerprinting and credential theft: Once the fake CAPTCHA interaction occurs, the installer sends the victim’s IP address to the attacker’s server, a step that allows tracking, geofencing, and exclusion of unwanted targets.It then downloads the payload from the same host, which is a 24 MB Pyinstaller-packed application that contains hundreds of thousands…
-
Hackers Target 81% of Routers with Default Admin Passwords
The latest 2025 Broadband Genie router security survey reveals alarming trends in network security awareness among internet users. This year’s results, while showing marginal improvements in some areas, underscore the persistent gap between knowing how to secure a network and actually taking action. The research team conducted their fourth comprehensive router security survey to compare…
-
Pwn2Own Ireland 2025: The Hacks, The Winners, and The Big Payouts
Hackers earned over $1 million at Pwn2Own Ireland 2025 in Cork, breaching printers, routers, NAS devices, and more as Summoning Team claimed Master of Pwn. First seen on hackread.com Jump to article: hackread.com/pwn2own-ireland-2025-hacks-winners-payouts/
-
Researchers warn of critical flaws in TP-Link routers
No active exploitation has been spotted, but the vendor and researchers advise users to apply updates immediately.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/researchers-warn-critical-flaws-tp-link-routers/803744/
-
Breach Roundup: the Qilin Hack That Wasn’t
Also, Envoy Air Confirms Data Compromise Following Clop Extortion Campaign. This week, Qilin didn’t hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.…
-
Major Vulnerabilities Found in TP-Link VPN Routers
Forescout researchers discovered critical and high-severity vulnerabilities in several TP-Link VPN routers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vulnerabilities-tplink-vpn-routers/
-
PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign
Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge.PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeting routers from Cisco, ASUS, QNAP, and Synology with the goal of corralling them into a network for an as-yet-undetermined purpose.The TLS-based ELF implant, at its core,…
-
Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950)
Moxa has fixed 5 vulnerabilities in its industrial network security appliances and routers, including a remotely exploitable flaw (CVE-2025-6950) that may result in complete … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/20/moxa-routers-hard-coded-credentials-cve-2025-6950/
-
Network security devices endanger orgs with ’90s era flaws
Tags: access, application-security, apt, authentication, breach, cisa, cisco, citrix, cloud, control, cve, cyber, cybersecurity, dos, email, endpoint, exploit, finance, firewall, firmware, flaw, government, group, incident response, infrastructure, injection, ivanti, jobs, linux, mitigation, mobile, network, open-source, penetration-testing, programming, regulation, remote-code-execution, reverse-engineering, risk, risk-management, router, service, software, threat, tool, vpn, vulnerability, zero-day2024 networking and security device zero-day flaws Product CVE Flaw type CVSS Check Point Quantum Security Gateways and CloudGuard Network Security CVE-2024-24919 Path traversal leading to information disclosure 8.6 (High) Cisco Adaptive Security Appliance CVE-2024-20359 Arbitrary code execution 6.6 (Medium) Cisco Adaptive Security Appliance CVE-2024-20353 Denial of service 8.6 (High) Cisco Adaptive Security Appliance …
-
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader
Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windowsSummary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…