The Mirai ecosystem has a new variant that, according to researchers at Fortinet, may have been used as a test for future large-scale attacks. The malware, known as ShadowV2, exploited a series of vulnerabilities in IoT devices from D-Link, TP-Link, DigiEver, TBK, DD-WRT, and others in late October. The activity coincided exactly with the global AWS outage and also stopped as soon as the outage was resolved.
It borrows the fuel-cell from the second-generation Mirai and captures the resulting water vapor for other uses. Two electric motors give it 547 horsepower and other modifications make it perfectly suited for going off-road. Toyota doesn't intend to give up on the hydrogen fuel cell as a means to propel passenger vehicles, which it hopes to offer on a wider scale in its future, possibly even powering the next Corolla.
A new RondoDox botnet campaign uses an "exploit shotgun" - fire at everything, see what hits - to target 56 vulnerabilities across at least 30 different vendors' routers, DVRs, CCTV systems, web servers, and other network devices, and then infect the buggy gear with malware. RondoDox is a new-ish botnet that first surfaced in mid-2025 and weaponizes command-injection flaws in internet-facing devices. In recent months, it's been spotted delivering multi-architecture payloads that infect vulnerable gear