Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

Hackers resurrect 90s IRC tricks with SSHStalker, using old exploits to quietly compromise thousands of Linux servers ...

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.

Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, giving them free rein on a network. Experts are urging enterprises to ...

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six countries, targeting firewalls in critical infrastructure sectors. A ...

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. A critical ...

It has been almost a week since the SSH exploit/patch came out. This is getting a little ridiculous. I can't completely tell how serious this hole is, but I don't feel too safe leaving SSH enabled on ...

TL;DR: GreyNoise uncovered the AyySSHush botnet infecting over 8,000 hosts, mainly ASUS routers, exploiting known bypass bugs to gain persistent SSH backdoor access that survives firmware updates.

In context: Asus has taken a proactive approach in responding to a recent botnet attack, not only patching the vulnerability but also providing step-by-step guidance to help users fully remove ...