Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
Jun 11, 2025
Exploitation of Wazuh Vulnerability by Mirai Botnet Variants
Researchers have reported that threat actors are exploiting a critical vulnerability (CVE-2025-24016) in Wazuh servers to deploy Mirai botnet variants for distributed denial-of-service (DDoS) attacks. The vulnerability allows remote code execution and was targeted shortly after its public disclosure in February 2025. The attacks involve two different botnets that use malicious shell scripts to download Mirai payloads from external servers. The research indicates that the botnets leverage various exploits, including ones targeting IoT devices, and focus particularly on devices in regions such as China, India, and several others. The ongoing exploitation of this vulnerability highlights how quickly botnet operators respond to newly published security flaws.