Oligo Security has revealed an ongoing global hacking campaign, ShadowRay 2.0, where attackers exploit a flaw in the Ray AI framework to create a self-propagating botnet. The attackers, known as IronErn440, leverage AI-generated payloads to enhance their methods while competing with other criminal groups for resources. Over 230,000 Ray servers are currently exposed to this threat.

Cydome has identified a new variant of the Mirai botnet, called Broadside, which exploits a vulnerability in TBK DVR devices used in maritime logistics. This variant not only conducts DDoS attacks but also attempts to harvest system credentials, posing a significant threat to shipping operations.

Akirabot has been identified as a malicious bot that spammed approximately 80,000 websites, primarily by exploiting vulnerabilities in outdated content management systems. The attack highlights the ongoing threat of automated bots in the cybersecurity landscape and emphasizes the need for regular updates and security measures.