The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

The ides of security March are upon us — Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and Kubernetes as an ...

ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Arabian Post

ComfyUI breach wave targets AI servers

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
Wired

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department. The collection of millions of ...
Bleeping Computer

International joint action disrupts world’s largest DDoS botnets

Authorities from the United States, Germany, and Canada have taken down Command and Control (C2) infrastructure used by the Aisuru, KimWolf, JackSkid, and Mossad botnets to infect Internet of Things ...
Bleeping Computer

Manager of botnet used in ransomware attacks gets 2 years in prison

A Russian national has been sentenced to two years in prison after admitting that the phishing botnet he managed was used to launch BitPaymer ransomware attacks against 72 U.S. companies. According to ...
Indiatimes

US takes down world’s largest network Botnets that hacked into digital video recorders, web cameras and WiFi routers across the world

The US Justice Department said it has taken action to disrupt a network of cybercriminal botnets used to carry out large-scale internet attacks that infected more than 3 million devices globally. The ...
Mint

US takes down ‘cybercrime-as-a-service’ botnets that hijacked over 3 million IoT devices globally

The US Justice Department has announced that it dismantled four massive botnets responsible for some of the largest distributed denial-of-service (DDoS) attacks in history. The Justice Department says ...
Krebs on Security

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The Justice Department said the Department of Defense Office of Inspector General’s (DoDIG) Defense Criminal Investigative Service (DCIS) executed seizure warrants targeting multiple U.S.-registered ...