RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

July 5, 2025

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

RondoDox downloader shell script | Image: FortiGuard Labs
FortiGuard Labs has uncovered a stealthy and highly adaptive botnet dubbed RondoDox, which is actively exploiting two critical vulnerabilities …

Published Date:
Jul 05, 2025 (2 hours, 12 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleCVE-2025-53367: DjVuLibre Vulnerability Opens Path to Linux Desktop Code Execution, PoC Available!

Next Article Distribution Release: MocaccinoOS 1.8.3

Highlights

CVE-2025-4187 – UserPro – Community and User Profile WordPress Plugin Directory Traversal Vulnerability

June 14, 2025

CVE ID : CVE-2025-4187

Published : June 14, 2025, 9:15 a.m. | 4 hours, 56 minutes ago

Description : The UserPro – Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.1.10 via the userpro_fbconnect() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

How to Fix “EA AntiCheat Has Detected an Incompatible Driver” on Windows 11?

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

Generate HTTP Fixtures from Live API Calls in Laravel

Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails

CVE-2025-8334 – Campcodes Online Recruitment Management System SQL Injection Vulnerability

Deploy a full stack voice AI agent with Amazon Nova Sonic

CVE-2025-4187 – UserPro – Community and User Profile WordPress Plugin Directory Traversal Vulnerability

CVE-2025-46707 – VMware ESXi Firmware Privilege Escalation

UIBeam is a lightweight, JSX-style HTML template engine

How JavaScript really evolves, the inside story

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

Related Posts