The “Ballista” botnet campaign is exploiting a high-level security flaw to infect unpatched TP-Link routers. Detected by Cato CTRL researchers in January 2025, it has affected over 6,000 devices in countries including Brazil, the UK, and Turkey, with its main targets being the US, Australia, China, and Mexico, where it targets manufacturing, healthcare, and tech organizations. Once installed, Ballista can run remote commands, launch DoS attacks, and scour through sensitive files.
Chinese hackers targeting Juniper Networks routers, so patch now
Chinese hackers are targeting routers made by American networking hardware company Juniper Networks. The culprits, known as UNC3886, are using specially modified backdoor malware to
