VulnHub

A recent report from Qrator Labs indicates that the largest known DDoS botnet has expanded to encompass 13.5 million devices. This massive botnet is capable of launching Distributed Denial of Service (DDoS) attacks reaching up to 2 terabits per second. The primary target of these attacks has been the financial technology sector, raising concerns for companies in that space. With such a vast number of devices potentially under the control of attackers, the threat to both service availability and data security is significant. Companies in the FinTech sector, as well as other industries relying on online services, need to bolster their defenses to mitigate the risks associated with these powerful DDoS attacks.

The Masjesu botnet, also referred to as XorBot, has emerged as a stealthy DDoS-for-hire service that primarily targets Internet of Things (IoT) devices. Unlike many other botnets, Masjesu avoids high-profile targets, such as Department of Defense IP addresses, opting instead for less conspicuous victims. This botnet employs XOR encryption to maintain low visibility and ensure its persistence within compromised systems. As the use of IoT devices continues to rise, the potential for such botnets to disrupt services and cause damage increases, making it crucial for users and organizations to secure their devices against such threats. The activity of Masjesu raises concerns about the growing sophistication of DDoS services that are accessible for hire, which can have widespread implications for network stability and security.

Rostelecom, a major state-run telecommunications company in Russia, reported a significant distributed denial-of-service (DDoS) attack on Monday. This incident disrupted internet access, government services, and online banking for users in 30 cities across the country. The attackers behind the DDoS attack have not yet been identified. This incident is concerning as it affects essential services, highlighting vulnerabilities in critical infrastructure that could have broader implications for national security and public safety. The scale of the attack raises questions about the resilience of state-run systems against cyber threats.

Akamai's latest security report reveals that internet-facing systems are facing increasing levels of malicious traffic, particularly targeting APIs, web applications, and DDoS channels. From January 2024 to December 2025, the number of web attacks aimed at applications and APIs has steadily risen, indicating a growing threat to organizations that rely on these technologies. This uptick in malicious activity suggests that attackers are honing their skills and strategies, making it crucial for companies to enhance their security measures. As APIs become more integral to business operations, understanding and mitigating these risks is essential for protecting sensitive data and maintaining service availability. Organizations should prioritize monitoring and defending their API infrastructures to counter these persistent threats.

Security researchers have identified two new malware strains specifically targeting Linux-based network devices. These malicious programs are being used by financially motivated cybercriminals, marking a shift from their previous association with nation-state espionage. The malware can facilitate distributed denial-of-service (DDoS) attacks and enable unauthorized cryptocurrency mining. This development is concerning as it indicates that attackers are now exploiting vulnerabilities that were once primarily used for geopolitical purposes. Organizations using Linux network devices need to be vigilant and enhance their security measures to protect against these evolving threats.

In November 2025, a massive DDoS attack reached a peak of 31.4 terabits per second, making it one of the largest ever recorded. The attack was executed by the AISURU/Kimwolf botnet and lasted for just 35 seconds. Fortunately, Cloudflare's security systems were able to automatically detect and block the attack before it could cause significant disruption. This incident is part of a worrying trend of increasingly powerful and brief DDoS attacks that can overwhelm even the most robust defenses. Organizations must remain vigilant as such attacks not only threaten individual services but also have the potential to disrupt broader internet infrastructure.

The AISURU/Kimwolf botnet has launched a massive DDoS attack that peaked at an astonishing 31.4 Terabits per second, lasting just 35 seconds. This attack is part of a growing trend of extremely high-volume HTTP DDoS assaults that the botnet has been executing throughout the fourth quarter of 2025. Cloudflare, a cybersecurity company that monitors these incidents, successfully detected and mitigated the attack, preventing potential disruptions to online services. Such high-capacity attacks pose significant risks to internet infrastructure and can overwhelm even the most fortified systems, affecting businesses and users alike. As these types of attacks become more common, organizations need to bolster their defenses against DDoS threats.

Italy's Foreign Minister Antonio Tajani announced that the country successfully thwarted a series of cyberattacks linked to a pro-Russian group known as Noname057(16). These attacks targeted various entities, including the Foreign Ministry offices, with one affecting operations in Washington, D.C. Additionally, the group aimed at disrupting websites and hotels associated with the upcoming Milano Cortina 2026 Winter Olympics. This incident highlights ongoing cybersecurity concerns related to geopolitical tensions, particularly as major international events approach. The Italian government’s proactive measures demonstrate the importance of safeguarding critical infrastructure and national security against external threats.

Poland's Central Bureau for Combating Cybercrime has arrested a 20-year-old man believed to be behind a series of global DDoS attacks that targeted important websites. The suspect faces six charges, including disrupting IT systems and using specialized software to execute cyberattacks. He has reportedly confessed to many of the allegations against him. If found guilty, he could face up to five years in prison. This operation underscores the ongoing challenges of combating cybercrime, particularly as such attacks can significantly disrupt online services and affect many organizations worldwide.

A massive distributed denial-of-service (DDoS) attack has reached a staggering 31.4 terabits per second, setting new records for online attacks. This incident is attributed to a powerful botnet known as the 'apex' botnet, which has been exploiting consumer devices, such as routers and smart home gadgets, to amplify its attack capabilities. As attackers increasingly turn ordinary home devices into tools for cyber warfare, businesses and individuals alike are at risk of service disruptions. The scale of this attack serves as a wake-up call for users to secure their connected devices and for companies to enhance their defenses against such overwhelming assaults. The implications are serious, as these attacks can cripple online services and affect a vast number of users worldwide.

In December 2025, the Aisuru/Kimwolf botnet executed a record-breaking distributed denial of service (DDoS) attack, reaching a staggering peak of 31.4 terabits per second and generating 200 million requests per second. This incident marks one of the largest DDoS attacks recorded to date, raising concerns for internet stability and security. Organizations that rely on online services, including e-commerce and cloud providers, may experience significant disruptions. The attack showcases the growing capabilities of botnets and the need for enhanced defenses against such aggressive tactics. As attackers continue to evolve their methods, companies must prioritize their cybersecurity measures to mitigate the impact of similar threats in the future.