[ad_1] Unidentified threat actors are actively exploiting a critical authentication bypass vulnerability to hijack home routers as part of an effort to co-opt them to a Mirai-variant botnet used for carrying out DDoS attacks, merely two days after its public disclosure. Tracked as CVE-2021-20090 (CVSS score: 9.9), the weakness concerns a path traversal vulnerability in
[ad_1] Attacks, Threats, and Vulnerabilities Hackers Target Critical Infrastructure in Southeast Asia (GovInfoSecurity) An unidentified hacking group with suspected Chinese ties is targeting critical infrastructure in Southeast Asia as part of a cyberespionage campaign to exfiltrate Critical Infrastructure Organizations in South East Asia Targeted in Espionage Campaign (Symantec) Attackers made extensive use of living-off-the-land techniques