RondoDox botnet linked to large-scale exploit of critical HPE OneView bug


A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified “large-scale exploitation” of CVE-2025-37164, a maximum-severity remote code execution bug in HPE’s data center management platform.

Check Point has tied the activity to RondoDox, a Linux-based botnet that weaponizes publicly known vulnerabilities across routers, DVRs, web servers, and other devices, using an “exploit-shotgun” approach to build sprawling botnet networks for DDoS, cryptomining, and secondary payload delivery.

Read more…
Source: The Register News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...