Critical Wazuh Bug Exploited in Mirai Botnet Expansion Drive

Critical Wazuh bug exploited in Mirai botnet expansion drive

: The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too

Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw

Researchers warn that several botnets built on the Mirai malware codebase are targeting outdated Wazuh XDR and SIEM management servers. For the past several months, the botnets have been exploiting a critical remote code execution vulnerability in Wazuh that was patched in February. Researchers from content delivery and security company Akamai first detected exploitation of the Wazuh vulnerability in its honeypot servers in March, several weeks …

Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw

Akamai's latest report reveals two Mirai botnets exploiting the critical CVE-2025-24016 flaw in Wazuh. Learn about these fast-spreading IoT threats and urgent patching advice.

Mirai botnets exploit Wazuh RCE, Akamai warned

Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai warned. Akamai researchers warn that multiple Mirai botnets exploit the critical remote code execution vulnerability CVE-2025-24016 (CVSS score of 9.9) affecting Wazuh servers. Wazuh is… Read more → The post Mirai botnets exploit Wazuh RCE, Akamai warned appeared first on IT Security News.

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) - Help Net Security

Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and event management (SIEM) and extended detection and response (XDR) solution that’s widely used for host-based intrusion detection, log analysis, file integrity monitoring, and more. It’s core components are…