Tag: router
-
Critical Zyxel router flaw exposed devices to remote attacks
Tags: attack, cve, data-breach, flaw, injection, remote-code-execution, router, vulnerability, zyxelZyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a critical remote code execution vulnerability, tracked as CVE-2025-13942 (CVSS score of 9.8), affecting more than a dozen router models. A command injection flaw in the UPnP feature of several Zyxel CPEs, Fiber ONTs, and…
-
Zyxel warns of critical RCE flaw affecting over a dozen routers
Taiwan networking provider Zyxel has released security updates to address a critical vulnerability affecting over a dozen router models that can allow unauthenticated attackers to gain remote command execution on unpatched devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers/
-
Texas Sues TP-Link Over Alleged Security Risks and Supply Chain Deception
Texas has sued TP-Link over alleged supply chain deception and router security flaws linked to Chinese threat actors. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/texas-sues-tp-link-over-alleged-security-risks-and-supply-chain-deception/
-
Texas sues TP-Link over Chinese hacking risks, user deception
Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while allowing Chinese state-backed hackers to exploit firmware vulnerabilities and access users’ devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/texas-sues-tp-link-over-chinese-hacking-risks-user-deception/
-
Texas Sues TP-Link for Covering Up Chinese Manufacturing
Router Maker Accuses Rivals, Competitors of Smear Campaign. The Texas attorney general invoked state consumer protection law to sue Wi-Fi router maker TP-Link Systems for misrepresenting its connections to mainland China and the security of its ubiquitous devices. The suit says TP-Link should be forced to declare that their products are made in China. First…
-
Texas sues TP-Link, alleging it allows China to hack into routers
Attorney General Ken Paxton announced the lawsuit on Monday and said it is the first of several that will be filed this week against companies affiliated with China’s government. First seen on therecord.media Jump to article: therecord.media/texas-sues-tp-link-china-allegations
-
Texas sues TP-Link, alleging it allows China to hack into routers
Attorney General Ken Paxton announced the lawsuit on Monday and said it is the first of several that will be filed this week against companies affiliated with China’s government. First seen on therecord.media Jump to article: therecord.media/texas-sues-tp-link-china-allegations
-
Texas sues TP-Link over China links and security vulnerabilities
State disputes the company’s claim that its routers are made in Vietnam First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/texas_sues_tplink_over_china/
-
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these networks act like private residential proxy systems that blend malicious traffic with legitimate user activity.…
-
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks. First seen on hackread.com Jump to article: hackread.com/china-dknife-spyware-hijack-internet-routers-2019/
-
The >>AllOne<< Spy: DKnife Malware Hijacks Routers to Swap Downloads
The post The >>All-in-One<< Spy: DKnife Malware Hijacks Routers to Swap Downloads appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/the-all-in-one-spy-dknife-malware-hijacks-routers-to-swap-downloads/
-
DKnife toolkit abuses routers to spy and deliver malware since 2019
DKnife is a Linux toolkit used since 2019 to hijack router traffic and deliver malware in cyber-espionage attacks. Cisco Talos found DKnife, a powerful Linux toolkit that threat actors use to spy on and control network traffic through routers and edge devices. It inspects and alters data in transit and installs malware on PCs, phones,…
-
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dknife-linux-toolkit-hijacks-router-traffic-to-spy-deliver-malware/
-
Chinese-Made Malware Kit Targets Chinese-Based Routers and Edge Devices
DKnife is a Chinese made malware framework that targets Chinese-based users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-malware-kit-targets-routers/
-
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that’s operated by China-nexus threat actors since at least 2019.The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Its primary targets seem to First seen…
-
China-Nexus Hackers Target Linux Devices to Redirect Traffic and Deploy Malware
>>DKnife,<< a sophisticated gateway-monitoring and adversary-in-the-middle (AitM) framework that turns Linux-based routers and edge devices into surveillance tools. Active since at least 2019, this campaign employs seven distinct Linux implants to inspect network traffic, hijack legitimate software downloads, and deploy advanced malware. The framework remains active as of January 2026, targeting personal computers, mobile phones,…
-
CISA orders feds to disconnect unsupported network edge devices
The government is worried about hackers accessing systems through insecure and poorly monitored routers, firewalls and similar equipment at the network perimeter. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-edge-devices-binding-operational-directive/811539/
-
Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers
Compromised home routers in 30+ countries had DNS traffic redirected, sending users to malicious sites while normal browsing appeared unaffected. First seen on hackread.com Jump to article: hackread.com/sanctioned-bulletproof-host-hijack-old-home-routers/
-
TP-Link Vulnerabilities Let Hackers Take Full Control of Devices
TP-Link has disclosed multiple critical authenticated command injection vulnerabilities affecting the Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected devices. Security researchers jro, caprinuxx, and sunshinefactory discovered nine distinct vulnerabilities tracked under separate CVE identifiers. The flaws impact various components of the router’s…
-
Shadow DNS Operation Abuses Compromised Routers to Manipulate Internet Traffic
A sophisticated shadow DNS network that hijacks internet traffic by compromising home and business routers. The operation, active since mid-2022, manipulates DNS resolution through malicious resolvers hosted by Aeza International (AS210644), a bulletproof hosting provider sanctioned by the U.S. Treasury Department in July 2025. The threat campaign targets older router models, modifying their DNS configuration…
-
TP-Link Archer Router Flaw Exposes Users to Remote Attacks and Full Device Control
A high command injection vulnerability has been discovered in TP-Link’s Archer MR600 v5 router, enabling authenticated attackers to execute arbitrary system commands through the device’s admin interface. The flaw, tracked as CVE-2025-14756, represents a significant security risk for enterprise and home users relying on this widely deployed network equipment. Vulnerability Details Security researchers identified the…
-
CISO’s predictions for 2026
Tags: access, ai, attack, authentication, automation, breach, business, ciso, cloud, control, credentials, cryptography, cyber, cyberattack, cybersecurity, data, data-breach, encryption, endpoint, extortion, finance, governance, government, healthcare, identity, infrastructure, malicious, mobile, mssp, network, password, penetration-testing, ransomware, risk, router, saas, soc, strategy, supply-chain, technology, threat, tool, vulnerability, warfareAI agents to reshape the threat landscape: But those same AI technologies are also changing the threat landscape. Toal points to a recent Anthropic report that documented the first large-scale AI-enabled cyberattack as an early warning sign. “I guarantee attackers will be more focused on using AI agents for what they want than a lot…
-
OpenWrt One gains support for running Debian
Debian now runs on the OpenWrt One hardware platform following recent engineering work by Collabora. OpenWrt One is a developer focused router designed to support embedded … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/22/openwrt-one-running-debian/
-
Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws
Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution.The most severe of the lot is a critical security flaw impacting Zoom Node Multimedia Routers (MMRs) that could permit a meeting participant to conduct remote code execution attacks. The vulnerability, tracked…
-
Critical Zoom Vulnerability Enables Remote Code Execution via Command Injection
A critical command injection vulnerability in Zoom Node Multimedia Routers (MMRs) has been disclosed, potentially allowing meeting participants to execute arbitrary code on vulnerable systems. The flaw affects Zoom Node Meetings Hybrid and Meeting Connector deployments, requiring immediate patching across enterprise environments. Vulnerability Overview Zoom Offensive Security identified a command injection flaw in Zoom Node…
-
TP-Link Router Flaw Enables Authentication Bypass Through Password Recovery Mechanism
TP-Link hasdiscloseda high-severity authenticationbypass vulnerabilityaffecting its VIGI security camera lineup, allowing attackers on local networks to reset administrator passwords without verification. The flaw lies in the password recovery feature of the local web interface, which is exploited via client-side state manipulation. The vulnerability (CVE-2026-0629) enables threat actors positioned on the samelocal area network(LAN) to gain…
-
CyRC advisory: Vulnerability in Broadcom chipset causes network disruption and client disconnection on wireless routers
CyRC discovered critical Wi-Fi vulnerabilities in ASUS & TP-Link routers allowing network disruption via single malformed frame. CVE-2025-14631 patched. The post CyRC advisory: Vulnerability in Broadcom chipset causes network disruption and client disconnection on wireless routers appeared first on Blog. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/01/cyrc-advisory-vulnerability-in-broadcom-chipset-causes-network-disruption-and-client-disconnection-on-wireless-routers/
-
Key learnings from the latest CyRC Wi-Fi vulnerabilities
Critical Broadcom chipset flaw lets attackers crash Wi-Fi networks without authentication. Learn if your router is affected and how to patch it. The post Key learnings from the latest CyRC Wi-Fi vulnerabilities appeared first on Blog. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/01/key-learnings-from-the-latest-cyrc-wi-fi-vulnerabilities/
-
One Simple Trick to Knock Out the Wi-Fi Network
Black Duck Researchers Discover Flaw in Widely Used Broadcom Chipset. A flaw in Broadcom chipsets commonly used in wireless routers allows attackers to repeatedly knock offline the 5 gigahertz band, no matter how strong the security settings, say researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/one-simple-trick-to-knock-out-wi-fi-network-a-30502
-
Critical React Router Flaws Could Let Attackers Access or Modify Server Files
A critical vulnerability has been discovered in React Router and Remix that could allow attackers to access or modify sensitive files on web servers. The flaw affects multiple packages and has received a severity rating of Critical with a CVSS score of 8.8/10. Field Details CVE ID CVE-2025-61686 Severity Critical CVSS Score 8.8/10 Vulnerability Overview The security issue stems from…