The Trend Zero Day Initiative (ZDI) Threat Hunting and Trend Research teams have identified a significant RondoDox botnet campaign that targets a wide range of internet-exposed infrastructure.
This campaign consists of over 50 exploits, including unpatched router flaws across over 30 vendors, targeting vulnerabilities found in routers, digital video recorders (DVRs), network video recorders (NVRs), CCTV systems, web servers, and various other network devices. While the exploits specifically exploit vulnerabilities in routers, DVRs, NVRs, CCTV systems, web servers, and networking equipment, the latest RondoDox campaign uses an “exploit shotgun”, using multiple exploits and seeing what hits.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Illinois health department exposed over 700,000 residents’ personal data for years
January 8, 2026
The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents. The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the ...
- Fake WinRAR downloads hide malware behind a real installer
January 8, 2026
A member of Malwarebytes Labs web research team pointed the author to a fake WinRAR installer that was linked from various Chinese websites. When these links start to show up, that’s usually a good indicator of a new campaign. So, the author downloaded the file and started an analysis, which turned out to be something of ...
- Hackers use ‘Blue Screen of Death’ malware to target victims
January 6, 2026
Russian cybercriminals are trying to deploy backdoors and infostealers on people’s computers through a new ClickFix campaign – but this one comes with a sinister twist. ClickFix attacks are usually centered around pop-ups – the victim gets an error message, and at the same time is offered a fix. That fix, be it to run a ...
- Hacktivist deletes white supremacist websites live onstage during hacker conference
January 5, 2026
A hacktivist remotely wiped three white supremacist websites live onstage during their talk at a hacker conference last week, with the sites yet to return online. The pseudonymous hacker, who goes by Martha Root — dressed as Pink Ranger from the Power Rangers — deleted the servers of WhiteDate, WhiteChild, and WhiteDeal in real time ...
- 2025 was a terrible year for the ‘Four Families’ accused of running global cyber scam operations
January 4, 2026
People traded as commodities, iron cages used for punishment, severed fingers and even human sacrifice. These grisly details, revealed during interrogations of some of Asia’s most notorious criminal magnates, expose the horror of life in the many scam factories that dot Myanmar’s rugged and lawless border with China. The suspects were alleged members of powerful crime ...
- US cyber attacks plunged Caracas into darkness
January 4, 2026
US cyber attacks cut off power to large areas of Caracas to allow planes and helicopters to strike key military sites and capture Nicolás Maduro. Cyber command, space command and other American agencies layered effects to ensure more than 150 of its planes, drones and helicopters could approach the Venezuelan capital undetected. Cyber operators blacked out ...