Botnets, long known for their ability to orchestrate large-scale, automated attacks, are now being used in more targeted and exploit-driven campaigns. The newly uncovered RondoDox botnet campaign is emerging as a major cybersecurity threat by exploiting more than 50 vulnerabilities across 30+ vendors. In parallel, researchers have identified a phishing operation dubbed Beamglea, which uses 175 malicious npm packages and the unpkg.com CDN, targeting over 135 organizations worldwide. Adding to the growing concern, attackers are now weaponizing the Velociraptor DFIR tool in ransomware attacks involving LockBit and Babuk variants. Keep reading for more cybersecurity news from the last 24 hours.
01
The RondoDox botnet campaign has emerged as a significant threat, exploiting over 50 vulnerabilities across more than 30 vendors, including flaws first identified in Pwn2Own contests.
02
A phishing campaign, named Beamglea, has been found leveraging 175 malicious npm packages and unpkg[.]com CDN to host redirect scripts targeting 135+ organizations globally.
03
ClayRat, an Android spyware, has been targeting Russian users, spreading through Telegram and phishing sites while impersonating popular apps.
04
A new campaign involving the Stealit malware has been using Node.js’ Single Executable Application (SEA) feature to distribute malicious payloads, targeting Windows systems.
05
China-based group Storm-2603 is now leveraging the Velociraptor DFIR tool in ransomware attacks, particularly with LockBit and Babuk variants.
06
Juniper Networks has announced the release of patches for nearly 220 vulnerabilities across its products, including nine critical severity flaws. Among the significant issues addressed is a critical XSS vulnerability (CVE-2025-59978) that could allow attackers to execute commands with administrative privileges.
07
A zero-day vulnerability (CVE-2025-11371) is being exploited in Gladinet CentreStack and TrioFox products, allowing attackers to disclose system files and impact all software versions up to 16.7.10368.56560.
08
Two high-severity vulnerabilities (CVE-2025-11001 and CVE-2025-11002) have been discovered in the 7-Zip file archiver, allowing potential remote code execution.
09
Cybersecurity firm Pantherun Technologies raised $12 million in a Series A funding round led by Sahasrar Capital Investors and Lucky Investment Managers, with participation from Capital 2B, 8X Ventures, Real Time Angel Fund, and Founders Collective Fund.
