The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

Hackers resurrect the 90s IRC tricks with SSHStalker

Hackers resurrect 90s IRC tricks with SSHStalker, using old exploits to quietly compromise thousands of Linux servers ...
Krebs on Security

Kimwolf Botnet Swamps Anonymity Network I2P

Kimwolf is a botnet that surfaced in late 2025 and quickly infected millions of systems, turning poorly secured IoT devices like TV streaming boxes, digital picture frames and routers into relays for ...
Krebs on Security

Who Operates the Badbox 2.0 Botnet?

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2 ...

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.