The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
Network World

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.

SmarterTools network breached using auth-bypass attack against single unpatched virtual machine

CyberInsider said the breach was attributed to the Warlock ransomware gang, allegedly famous for targeting Microsoft -based infrastructure. This group seems to have attacked SmarterTools with a ...
SecurityWeek

New ‘SSHStalker’ Linux Botnet Uses Old Techniques

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.
Network World

DKnife targets network gateways in long running AitM campaign

Active since at least 2019, the China-linked framework operates at network gateways to inspect and manipulate in-transit traffic, allowing attackers to redirect updates, disrupt security tooling, and ...
GitHub

Asterion — Network Security Auditor with AI-Powered Analysis

Asterion is a production-ready network and domain security auditor that puts ethics first. Built for penetration testers, security researchers, and enterprise security teams, it combines traditional ...