Vendor
medium
advisory
BadIIS Malware-as-a-Service Ecosystem Targeting IIS Servers
2 rules 1 TTP 6 IOCsA commodity BadIIS malware variant is fueling a thriving malware-as-a-service (MaaS) ecosystem for Chinese-speaking cybercrime groups, allowing them to execute malicious SEO fraud, hijack server content, and redirect traffic to illicit sites.
Photoshop +3
iis
malware
maas
seo fraud
2r
1t
6i
high
threat
Adversaries Leveraging AI for Vulnerability Exploitation and Augmented Operations
2 rules 3 TTPsThreat actors are leveraging AI to enhance vulnerability discovery, exploit development, defense evasion, and autonomous operations, with state-sponsored groups showing particular interest in AI-driven vulnerability research and exploit generation.
exploited
Gemini +1
ai
vulnerability-exploitation
defense-evasion
supply-chain
2r
3t
critical
advisory
Mirai Campaign Exploiting CVE-2025-29635 in D-Link Routers
2 rules 4 TTPs 2 CVEsA new Mirai-based malware campaign is exploiting CVE-2025-29635, a command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet.
DIR-823X +1
mirai
ddos
rce
iot
2r
4t
2c