Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

DrayTek

Self‑replicating botnet abuses Ray clusters to mine cryptocurrency, steal data and launch DDoS attacks

Cloud, Cybercrime, News, Risk, Vulnerabilities

November 19, 2025

Researchers say a campaign called ShadowRay 2.0 has been exploiting internet‑facing Ray clusters using CVE‑2023‑48022 and Ray’s orchestration features to spread a self‑replicating botnet that mines cryptocurrency, steals proprietary data and launches DDoS attacks, with attackers targeting large GPU environments and using automated discovery and multi‑stage payloads.
DrayTek warns of remote code execution bug in Vigor routers

News, Research, Risk, Vendors, Vulnerabilities

October 3, 2025

DrayTek has warned that multiple Vigor router models are affected by CVE-2025-10547, an uninitialized stack vulnerability that can lead to memory corruption and, in some cases, remote code execution; firmware updates are available and administrators are urged to apply them.

About
Editorial Policy
Privacy
Contact