DDoS Botnet Aisuru Blankets US ISPs in Record DDoS – Krebs on Security
The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers…
Category: Krebson
ShinyHunters Wage Broad Corporate Extortion Spree – Krebs on Security
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website…
Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and…
Bulletproof Host Stark Industries Evades EU Sanctions – Krebs on Security
In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before…
Microsoft Patch Tuesday, September 2025 Edition – Krebs on Security
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or…
18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today,…
GOP Cries Censorship Over Spam Filters That Work – Krebs on Security
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google’s CEO demanding to know why Gmail was blocking messages from…
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into…
Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond…
DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security
The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the…
SIM-Swapper, Scattered Spider Hacker Gets 10 Years – Krebs on Security
A 20-year-old Florida man at the center of a prolific cybercrime group known as “Scattered Spider” was sentenced to 10 years in federal prison today,…
Oregon Man Charged in ‘Rapper Bot’ DDoS Service – Krebs on Security
A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service…