<ul><li>Akamai researchers warned that multiple Mirai botnets are exploiting the critical remote code execution vulnerability CVE-2025-24016 in Wazuh servers.</li><li>The vulnerability allows for remote code execution on Wazuh servers, and active exploitation of the flaw has been observed via DAPI request abuse.</li><li>Two Mirai botnet variants named 'Resbot' have been exploiting this bug since March 2025, utilizing Italian domain names and targeting IoT devices.</li><li>Indicators of compromise and details on the exploitation of the Wazuh servers by Mirai botnets have been shared by Akamai researchers.</li></ul>

Mirai botnets exploit Wazuh RCE, Akamai warned

Discover more