KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

March 10, 2026
No Comments

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Cybersecurity researchers have discovered a new malware called KadNap that’s primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic.
The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60% of victims located in the U.S., according to the Black Lotus Labs team at Lumen. A lesser number of

Leave a Reply Cancel reply

Meta’s Smart Glasses Privacy Scandal Expands After Sama Credentials Found on the Dark Web March 10, 2026
A privacy controversy surrounding Meta Platforms’ Ray-Ban smart glasses has taken a new turn after security researchers uncovered dozens of exposed credentials linked to the company’s data-annotation contractor. Last week, Swedish outlets Svenska Dagbladet and Göteborgs-Posten reported that footage captured by Meta’s smart glasses (developed with Ray-Ban) was being reviewed by human annotators working for outsourcing firm Sama. According […]
Kirsten Doyle
Your Secret Scanner Has a Blind Spot: Here’s How to Fix It March 10, 2026
Every penetration tester has had the moment. You are two days into an engagement, sifting through cloned repositories and intercepted HTTP responses, and a hardcoded AWS key appears in a config file that has been sitting in version control for months. Nobody rotated it. Nobody noticed. And when you validate it, the key is still […]
Michael Weber, Noah Tutt and Zach Grace
Your DSPM found the problems. Now what? March 10, 2026
The first week after the new system went live was great. You saw the rows of red and orange flash across your dashboard as the scans were completed. Now, for the first time, the security team could say, with some authority, where sensitive data was stored in the cloud. Insights were shared, leadership was briefed, and things […]
Franklin Nguyen
Managing App Access on Frontline Devices in an Always-On World March 9, 2026
Australia’s recent decision to restrict social media access for children under 16 marks one of the most significant digital policy interventions the country has seen in years. The new policy reflects rising concern among policymakers around youth access to social media and whether existing safeguards are sufficient in an always-on digital environment. While focused on […]
Michael Dyson
Ad Fraud is Much More Than a Marketing Problem March 6, 2026
In September, cybercriminals pulled off one of the biggest ad fraud scams in recent memory by turning scores of user devices into “ghost click farms” that generated billions of fake ad impressions daily. Then, in January, another gang did it again – using scam software to secretly launch background browsers, interact with ads in a […]
Mike Schrobo
AI Is Making Social Engineering Harder to Detect—But We’re Still Training People Like It’s 2015 March 5, 2026
Last year, Hong Kong police disclosed a reported case that would become a watershed moment in cybersecurity: a finance worker at global engineering firm Arup transferred $25 million to fraudsters after attending a video conference call with what appeared to be the company’s CFO and several colleagues. Every person on the call was a deepfake. […]
Chris Murphy
Thales Data Threat Report: AI and Cloud Complexity Fuel New Data Security Risks March 5, 2026
A new report from Thales highlights how artificial intelligence is reshaping the cybersecurity landscape, introducing new attack vectors while amplifying existing data protection challenges. The 2026 Thales Data Threat Report finds that as organizations accelerate AI adoption, they are simultaneously increasing their exposure to cloud threats, identity attacks, and operational complexity. Based on a survey of more than 3000 IT and security professionals […]
Josh Breaker Rolfe
Fake Tech Support Scams Deliver Advanced Command-and-Control Malware March 5, 2026
Fake tech support scams are not new. Historically, the goal was simple: convince someone to hand over a few hundred dollars in gift cards or give attackers remote access to a computer. However, new research from Huntress highlights how familiar social-engineering tricks are evolving into something far more insidious. Instead of small-scale fraud, malefactors are using fake support calls […]
Kirsten Doyle
Why AI Governance Needs Separate Models for Internal and External Agents March 4, 2026
As AI adoption matures, one trend is becoming impossible to ignore: the line between internal and customer-facing capabilities is blurring. AI agents that automate internal workflows or support employees are now being adapted into customer-facing use cases, powering chat assistants, personalization engines, and automated onboarding experiences. But these are two different animals. Internal AI agents […]
Itamar Apelblat
The Modern CISO: Building Cyber-Resilient Teams in an Era of AI-Driven Threats March 3, 2026
For much of the last decade, the CISO’s job has been framed as a race against increasingly sophisticated adversaries armed with automation, AI, and an expanding arsenal of attack tools. We’ve been told that security teams are losing ground, that attackers are always one step ahead, that the next breach is inevitable and unstoppable. The […]
Philip Chapman

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Leave a Reply Cancel reply

[email protected]

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Share :

Leave a Reply Cancel reply