> TritonInfoSec News
Home / Jun 12, 2026 / Story
0
#9 The Hacker News general June 10, 2026 at 16:08 UTC

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

By [email protected] (The Hacker News)

AI Summary

Lumen researchers identified a resurgence of the JDY botnet, a China-nexus reconnaissance infrastructure now comprising over 1,500 compromised SOHO and IoT devices used to continuously scan, fingerprint, and map exposed internet services at scale. The botnet operates as a centrally controlled high-performance scanner, consistent with pre-intrusion targeting behavior seen in Chinese state-sponsored campaigns like Salt Typhoon. Network defenders should review firewall logs for JDY scanning signatures, particularly on edge devices.

Read full article → https://thehackernews.com/2026/06/china-linked-jdy…

Relevance score: 75.0/100

# More from June 12

  1. 1
    ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities The Hacker News
  2. 2
    CISA tells govt agencies to patch critical exploited flaws in 3 days BleepingComputer
  3. 3
    Max severity Ivanti Sentry vulnerability now exploited in attacks BleepingComputer
  4. 4
    Microsoft Patches Exploited Exchange Server Vulnerability SecurityWeek
  5. 5
    Russian national charged in connection with Void Blizzard espionage campaign CyberScoop
  6. 6
    GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks The Hacker News
  7. 7
    New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files The Hacker News
  8. 8
    ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances The Hacker News
  9. 10
    Coupang hit with record $409 million data breach fine in Korea BleepingComputer