The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services.
These bots often carry Remote Code Execution (RCE) exploits targeting HTTP services, allowing attackers to embed Linux commands within GET or POST requests. We recently observed the use of CVE-2024-3721 in attempts to deploy a bot in one of our honeypot services. This bot variant turned out to be part of the infamous Mirai botnet, targeting DVR-based monitoring systems.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
March 10, 2026
A mass hacking campaign targeting iPhone users in Ukraine and China used tools that were likely designed by U.S. military contractor L3Harris, TechCrunch has learned. The tools, which were intended for Western spies, wound up in the hands of various hacking groups, including Russian government spooks and Chinese cybercriminals. Last week, Google revealed that over the ...
- Patch Tuesday – March 2026
March 10, 2026
Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence of exploitation in the wild for any (yet), so there are no Microsoft additions to CISA KEV today. Earlier in the month, Microsoft provided patches to address nine browser vulnerabilities, which are ...
- Cisco warns of two more SD-WAN bugs under active attack
March 6, 2026
Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software. The newly abused flaws affect Cisco Catalyst SD-WAN Manager, the platform formerly known as vManage that sits at the center of many organizations’ SD-WAN deployments. One of the bugs, ...
- Kaspersky dismisses claims Coruna iPhone exploit kit is connected to NSA-linked operation
March 4, 2026
Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by the same people who were behind a group of zero-days that allegedly compromised thousands of Russian diplomats in a 2023 campaign. After Google’s Threat Intelligence Group (GTIG) published its findings on the Coruna exploit kit this ...
- Google patches 129 Android security flaws — including a potentially dangerous Qualcomm zero-day
March 3, 2026
Google has released a new security update which fixed 129 vulnerabilities in the Android ecosystem, including 10 critical-severity bugs, and one high-severity issue apparently being exploited in the wild. In a security advisory, Google said that it fixed a buffer over-read vulnerability in the Graphics component (an open-source Qualcomm module). The bug, tracked as CVE-2026-21385, was ...
- Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
March 3, 2026
Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). The exploit kit, named “Coruna” by its developers, contained five full iOS exploit chains and a total of 23 exploits. The core technical ...

