Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices

Updated on March 11, 2025

Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
“The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with…

Read the rest of the story at Read More

Source: The Hacker News

April 18, 2025 Uncategorized

Multi-Stage Malware Attack Uses .JSE and...

February 28, 2025 Uncategorized

12,000+ API Keys and Passwords Found in ...

December 5, 2024 Uncategorized

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices

Related posts

Multi-Stage Malware Attack Uses .JSE and...

12,000+ API Keys and Passwords Found in ...

NCA Busts Russian Crypto Networks Launde...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines