The Register: Critical Wazuh bug exploited in growing Mirai botnet infection

Source URL: https://www.theregister.com/2025/06/10/critical_wazuh_bug_exploited_in/
Source: The Register

Feedly Summary: The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too
Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution bug was disclosed.…

AI Summary and Description: Yes

Summary: The text discusses a critical code execution vulnerability in the open-source security platform Wazuh, which cybercriminals are exploiting to spread multiple Mirai variants. This has important implications for security professionals focused on information security, vulnerability management, and incident response.

Detailed Description: The text sheds light on a significant security issue involving Wazuh, an open-source XDR/SIEM (Extended Detection and Response/Security Information and Event Management) provider. Cybercriminals have been attempting to exploit a critical code execution vulnerability in Wazuh to spread multiple Mirai variants. According to researchers, these are the first reported active attacks since the bug was disclosed.

– **Vulnerability Awareness**: The mention of a critical vulnerability points to the necessity for continuous monitoring and patch management in organizations utilizing any open-source tools, particularly in security infrastructure.
– **Active Exploitation**: This is the first documented occurrence of attacks utilizing this vulnerability, underscoring the urgency for security teams to assess their systems for potential exposure.
– **Mirai Botnet Activity**: The activity of cybercriminals spreading Mirai variants indicates an ongoing threat landscape where IoT devices and other networked systems continue to be targets for botnet attacks.
– **Incident Response Implications**: For security professionals, this serves as a call to improve incident response strategies and to deploy proactive threat detection mechanisms.

In summary, the information presented highlights the dynamic challenges within information security, particularly the exploitation of vulnerabilities in widely used security solutions, and reinforces the need for vigilance and an adaptive security posture.