Cybersecurity experts report an increase in automated attacks exploiting vulnerabilities in PHP servers, IoT devices, and cloud gateways using botnets like Mirai and Gafgyt. These attacks leverage known CVE flaws, misconfigurations, and cloud services to expand their network and evade detection. #Mirai #Gafgyt #PHPVulnerabilities #IoTThreats #CloudSecurity
Keypoints
- Attackers are increasingly exploiting known CVE vulnerabilities in PHP frameworks such as PHPUnit, Laravel, and ThinkPHP.
- Threat actors use tools like β/?XDEBUG_SESSION_START=phpstormβ to gain insights or extract sensitive data from development environments.
- IoT devices and cloud services are targeted for vulnerabilities, credential theft, and misconfigurations to create large-scale botnets.
- Many scanning activities originate from legitimate cloud infrastructures, complicating threat attribution.
- New botnets like TurboMirai enable severe DDoS attacks and facilitate illicit activities like credential stuffing and web scraping.
Read More: https://thehackernews.com/2025/10/experts-reports-sharp-increase-in.html