TP-Link
-
Mirai variant Nexcorium targets TBK DVRs and outdated TP-Link routers
Threat actors are exploiting flaws in TBK DVR devices and unsupported TP-Link routers to spread a Mirai variant called Nexcorium, according to a Fortinet technical analysis and a Unit 42 disclosure. The malware adds persistence, brute-force and DDoS functions.
-
Russian military hackers target thousands of consumer routers, researchers say
Russian military-linked hackers used tens of thousands of consumer routers in 120 countries to reroute traffic to credential-harvesting sites, researchers said. The campaign targeted older MikroTik and TP-Link devices and used DNS changes to intercept connections.
-
APT28 linked to router hijacking campaign that affected 200 organizations
APT28 has been linked to a campaign that hijacked insecure routers to redirect DNS traffic and steal credentials. The operation affected more than 200 organizations and 5,000 consumer devices, according to Microsoft.
-
Texas sues TP-Link over alleged deceptive labeling and security risks
Texas sued TP-Link, accusing the company of deceptive “Made in Vietnam” labeling and security failures that allowed state-backed hackers to exploit firmware flaws. The suit seeks monetary penalties and injunctions to force disclosure and change data practices.
-
TP-Link issues firmware updates for Omada gateways to fix four vulnerabilities, including two critical bugs
TP-Link released firmware updates for Omada gateway devices to fix four vulnerabilities, including two critical command injection flaws; users are advised to apply updates and verify device configurations.
-
CISA Warns of Critical Vulnerability in TP-Link Routers Amid Active Exploitation
CISA has identified a critical vulnerability in TP-Link routers, urging users to take immediate action as evidence of active exploitation emerges. The agency’s guidelines are designed to mitigate the risks associated with this command injection vulnerability, affecting multiple router models.
