Search results for ASUS firmware exploit 2023 | Breaking Cybersecurity News | The Hacker News

A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network. The router hijacking activity has been codenamed Operation WrtHug by SecurityScorecard's STRIKE team. Southeast Asia and European countries are some of the other regions where infections have been recorded. Over the past six months, more than 50,000 unique IP addresses belonging to these compromised devices around the globe have been identified. The attacks likely involve the exploitation of six known security flaws in end-of-life ASUS WRT routers to take control of susceptible devices. All the infected routers have been found to share a unique self-signed TLS certificate with an expiration date set for 100 years from April 2022. SecurityScorecard said 99% of the services presenting the certificate are ASUS AiCloud, a proprietary service designed to enable access to local stora...

Microsoft on Tuesday rolled out its first security update for 2026 , addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code execution, and five spoofing flaws. According to data collected by Fortra, the update marks the third-largest January Patch Tuesday after January 2025 and January 2022. These patches are in addition to two security flaws that Microsoft has addressed in its Edge browser since the release of the December 2025 Patch Tuesday update, including a spoofing flaw in its Android app ( CVE-2025-65046 , 3.1) and a case of insufficient policy enforcement in Chromium's WebView tag ( CVE-2026-0628 , CVSS score: 8.8). The vulnerability that has come under in-the-wild exploitation is CVE-2026-20805 (CV...

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085 , carries a CVSS v4 score of 10.0, indicating maximum severity. "A local or remote attacker can exploit the vulnerability by accessing the remote management interfaces (Redfish) or the internal host to the BMC interface (Redfish)," firmware security company Eclypsium said in a report shared with The Hacker News. "Exploitation of this vulnerability allows an attacker to remotely control the compromised server, remotely deploy malware, ransomware, firmware tampering, bricking motherboard components (BMC or potentially BIOS/UEFI), potential server physical damage (over-voltage / bricking), and indefinite reboot loops that a victim cannot stop." The vulnerability can further be weaponized to stage disruptiv...

Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight. It’s worth asking: what patterns are we missing, and what signals are we ignoring because they don’t match old playbooks? This week’s reports bring those quiet signals into focus—from attacks that bypassed MFA using trusted tools, to supply chain compromises hiding behind everyday interfaces. Here's what stood out across the cybersecurity landscape: ⚡ Threat of the Week Cloudflare Blocks Massive 7.3 Tbps DDoS Attack — Cloudflare said it autonomously blocked the largest distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits per second (Tbps). The attack, the company said, targeted an unnamed hosting provider and delivered 37.4 terabytes in 45 seconds. It origi...