#rondodox

[ follow ]
#botnet #vulnerabilities #command-injection #cve-2025-37164 #hpe-oneview #remote-code-execution #react2shell
Information security
fromTechzine Global
2 weeks ago

RondoDox botnet exploits HPE OneView vulnerability on a massive scale

RondoDox botnet rapidly escalated automated exploitation of critical, unauthenticated remote code execution vulnerability CVE-2025-37164 in HPE OneView, causing tens of thousands of attack attempts.
Information security
fromThe Hacker News
4 weeks ago

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

A nine-month campaign used React2Shell (CVE-2025-55182) and other N-day flaws to enroll IoT devices and web apps into the RondoDox botnet, deploying miners and Mirai variants.
#botnet
more#botnet
fromTheregister
3 months ago

RondoDox botnet fires 'exploit shotgun' at edge devices

A new RondoDox botnet campaign uses an "exploit shotgun" - fire at everything, see what hits - to target 56 vulnerabilities across at least 30 different vendors' routers, DVRs, CCTV systems, web servers, and other network devices, and then infect the buggy gear with malware. RondoDox is a new-ish botnet that first surfaced in mid-2025 and weaponizes command-injection flaws in internet-facing devices. In recent months, it's been spotted delivering multi-architecture payloads that infect vulnerable gear
Information security
Privacy professionals
fromThe Hacker News
6 months ago

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

Malware campaign RondoDox targets TBK DVRs and Four-Faith routers via known vulnerabilities to create a botnet for further exploits.
[ Load more ]