DDoS
-
Researchers find HTTP/2 flaw that can trigger rapid denial of service on major servers
Researchers say a new HTTP/2 denial-of-service flaw can hit major web servers, including NGINX, Apache HTTPD and Microsoft IIS. The issue can rapidly exhaust memory and may be difficult to block in default configurations.
-
Dutch authorities take down botnet tied to 17 million infected devices
Dutch authorities have taken offline a botnet of at least 17 million infected devices and seized more than 200 servers in the Netherlands, according to a joint disclosure from the National Cyber Security Centre and police.
-
Leaked Shai-Hulud malware resurfaces in npm infostealer campaign
Four malicious npm packages infected with a Shai-Hulud clone were published over the weekend, stealing credentials, secrets and crypto wallet data. One package also added DDoS features, and the combined downloads reached 2,678.
-
Mirai-based xlabs_v1 botnet targets Android devices with exposed ADB
A Mirai-derived botnet called xlabs_v1 is targeting Android devices with exposed ADB services, using them for DDoS attacks and bandwidth-based profiling, according to a technical analysis from Hunt.io.
-
Global police seize 53 domains in DDoS-for-hire crackdown
Police in 21 countries seized 53 domains and arrested four people in Operation PowerOFF, a crackdown on DDoS-for-hire services used by more than 75,000 cybercriminals and tied to databases with over 3 million accounts.
-
Masjesu botnet emerges as DDoS-for-hire service targeting IoT devices
Researchers say the Masjesu botnet has been sold as a DDoS-for-hire service since 2023, targeting IoT devices across multiple architectures while using stealth tactics, self-propagation and hard-coded control channels.
-
Authorities disrupt command servers for IoT botnets behind record DDoS attacks
U.S. authorities disrupted command servers for multiple IoT botnets on Thursday, targeting networks that infected at least 3 million devices and launched DDoS attacks peaking near 30 terabits per second.
-
DDoS attack disables Perm parking payments, drivers excused for March 10–13
A DDoS attack knocked Perm’s parking payment portal offline from March 10 to 13, leaving paid parking zones free and drivers excused for non-payment while systems were restored.
-
DDoS attack disrupts Deutsche Bahn booking and timetable systems
A Deutsche Bahn blog post said a DDoS attack disrupted bahn.de and the DB Navigator app starting about 1545 UTC on 17 February. Services were restored with limitations by about 1300 UTC on 18 February.
-
NCSC alert warns pro-Russian DDoS groups targeting UK local government and operational technology
On January 21, 2026 the UK’s National Cyber Security Centre issued an alert warning that pro-Russian DDoS attacks are targeting British organisations, especially local government and operational technology, and advised steps to harden defences.
