The Ballista botnet has compromised over 6000 TP-Link Archer AX-21 routers through a high-severity remote code execution flaw, according to The Hacker News. The botnet, thought to be operated by an Italy-based threat actor, has been targeting manufacturing, technology, and healthcare organizations primarily in the US, Mexico, China, and Australia, deploying malware to facilitate various attacks.

New infosec products of the week: March 14, 2025
SimSpace’s Stack Optimizer assists companies make strategic decisions on their security investments, while Pondurance Platform 2.0 identifies data breach risks and Detectify Alfred collects threat