IoT Security Archives

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Take Over TBK DVRs for DDoS Botnet Operations

April 20, 2026

Cybersecurity researchers have uncovered a new wave of attacks where threat actors are exploiting vulnerabilities in TBK digital video recorders and outdated TP-Link routers to deploy a powerful Mirai-based botnet. The findings were reported by Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. Exploitation of TBK DVR Devices The attack specifically targets TBK DVR systems by abusing CVE-2024-3721, […]

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Take Over TBK DVRs for DDoS Botnet Operations Read More »

Ongoing Attacks Target Legacy D-Link DSL Routers via Critical RCE Vulnerability

January 7, 2026

Cybersecurity researchers have reported ongoing attacks exploiting a critical vulnerability in legacy D-Link DSL gateway routers. The flaw, tracked as CVE-2026-0625, has a CVSS score of 9.3 and enables unauthenticated remote attackers to execute arbitrary code on affected devices. Command Injection in DNS Configuration Endpoint The vulnerability stems from improper sanitization of user-supplied DNS parameters in the dnscfg.cgi endpoint. Exploitation allows

Ongoing Attacks Target Legacy D-Link DSL Routers via Critical RCE Vulnerability Read More »

Unpatched Firmware Vulnerability Leaves TOTOLINK EX200 Open to Full Remote Device Takeover

January 7, 2026

The CERT Coordination Center (CERT/CC) has issued a security advisory detailing a serious unpatched vulnerability affecting the TOTOLINK EX200 wireless range extender, which could allow a remote attacker to gain complete control over the device. The vulnerability, tracked as CVE-2025-65606, originates from improper error handling within the device’s firmware upload mechanism. Although no CVSS score has been

Unpatched Firmware Vulnerability Leaves TOTOLINK EX200 Open to Full Remote Device Takeover Read More »