The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services.
These bots often carry Remote Code Execution (RCE) exploits targeting HTTP services, allowing attackers to embed Linux commands within GET or POST requests. We recently observed the use of CVE-2024-3721 in attempts to deploy a bot in one of our honeypot services. This bot variant turned out to be part of the infamous Mirai botnet, targeting DVR-based monitoring systems.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- South Korea cyber crisis deepens as Coupang data leak exposes national vulnerabilities
December 1, 2025
An investigation is under way into the cause of the breach. The leak raised concerns about phishing attempts targeting customers. Telecom, payments and crypto firms also reported recent breaches. A major data breach at South Korea’s biggest e-retailer has intensified concerns about the country’s digital preparedness, with the latest incident now seen as part of a ...
- Bug in jury systems used by several US states exposed sensitive personal data
November 26, 2025
Several public websites designed to allow courts across the United States and Canada to manage the personal information of potential jurors had a simple security flaw that easily exposed their sensitive data, including names and home addresses, TechCrunch has exclusively learned. A security researcher, who asked not to be named for this story, contacted TechCrunch with ...
- CISA orders feds to patch Oracle Identity Manager zero-day after signs of abuse
November 24, 2025
CISA has ordered US federal agencies to patch against an actively exploited Oracle Identity Manager (OIM) flaw within three weeks – a scramble made more urgent by evidence that attackers may have been abusing the bug months before a fix was released. The flaw, tracked as CVE-2025-61757 and now sitting in CISA’s Known Exploited Vulnerabilities catalog, ...
- WhatsApp security flaw lets experts scrape 3.5 billion user numbers
November 21, 2025
WhatsApp users may need to take extra steps to protect their account information following a potentially concerning discovery. A study by researchers at the University of Vienna revealed the app’s contact-discovery system enabled the collection of extensive WhatsApp user data at an unprecedented scale due to insufficient rate-limiting across global endpoints. The researchers were able to ...
- Google says hackers stole data from 200 companies following Gainsight breach
November 21, 2025
Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, Salesforce disclosed a breach of “certain customers’ Salesforce data” — without naming affected companies — that was stolen via apps published by Gainsight, which provides a customer support platform to other companies. Read more… Source: ...
- European Union Agency for Cybersecurity (ENISA) becomes a Common Vulnerabilities and Exposures (CVE) Program-Root
November 20, 2025
As a Common Vulnerability and Exposure (CVE) Numbering Authority (CNA), ENISA is authorised to assign CVE Identifiers (CVE IDs) and to publish CVE Records for vulnerabilities discovered by or reported to EU CSIRTs, in line with their dedicated coordinator roles since January 2024. As Root CNA, ENISA is now expanding its role within the CVE ...