A critical vulnerability in Wazur Server, CVE-2025-24016, is being exploited by threat actors to deploy Mirai botnet variants for DDoS attacks. Cybercriminals are leveraging known exploits on IoT devices and servers, leading to widespread infections and targeting regions worldwide. #CVE202524016 #MiraiBotnet
Keypoints
- The vulnerability CVE-2025-24016 affects all versions of Wazur Server software and allows remote code execution.
- Threat actors quickly exploited the flaw to deploy Mirai botnet variants like LZRD, neon, vision, and Resbot.
- Mirai botnets are using malicious scripts to download malware from external servers and infect IoT devices and servers.
- Additional vulnerabilities in IoT devices, such as routers and DVRs, are frequently exploited to expand botnet networks.
- Regions such as APAC, China, India, and countries in Europe face increasing targeted attacks and malware infections.
Read More: https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html