A new attack, dubbed "Operation WrtHug," has compromised around 50,000 outdated ASUS WRT routers, primarily in Taiwan and Southeast Asia. Researchers suspect the campaign is linked to China, leveraging multiple known vulnerabilities to facilitate stealthy espionage.

Thousands of Asus routers have been hacked and are controlled by a suspected Chinese state-sponsored group. The attack targets outdated models that no longer receive security updates, and researchers believe the compromised devices may be used for covert operations and espionage. The majority of affected routers are located in Taiwan, with additional clusters in several other countries.

A serious security vulnerability in older D-Link DSL gateway routers allows attackers to execute commands remotely through the "dnscfg.cgi" endpoint. The flaw affects several models, which are no longer supported, and can lead to DNS hijacking and ongoing security risks for users. Device owners should upgrade to newer models to mitigate these threats.

Scammers are exploiting unsecured cellular routers from Milesight IoT to launch SMS phishing campaigns, known as smishing, that have been active since October 2023. Researchers found over 18,000 routers exposed online, with many allowing unauthorized access and running outdated firmware, making them an effective tool for decentralized phishing efforts targeting users in multiple countries.