The JDY botnet, linked to China's Volt Typhoon, has doubled in size and now scans for newly disclosed vulnerabilities within hours. Most nodes are in the US.

The JDY botnet, a malware network previously associated with Chinese threat actors like Volt Typhoon, has significantly expanded its targeting scope and reconnaissance efforts.

Russian military-linked hackers tracked as APT28 have shifted cyber operations into compromised internet routers, using the MooBot botnet and vulnerable edge devices to harvest credentials, route ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

In a combined operation with Google and the Shadowserver Foundation, cybersecurity giant CrowdStrike successfully dismantled Glassworm - a sophisticated global botnet Google, Shadowserver Foundation ...

CrowdStrike, Google, and Shadowserver jointly dismantled the Glassworm botnet on May 26, 2026, by disrupting all four of its resilient C2 channels simultaneously Active since early 2025, Glassworm ...

The Glassworm botnet that weaponised trusted developer tools and turned them on the open source community to poison hundreds of GitHub repositories with malicious code has been knocked out in a ...

Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware. The GlassWorm botnet that has been targeting the open source software ecosystem for over six months ...

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent ...