Dossier
D-Link
Coverage of D-Link in the Nexus archive.
- AryStinger botnet infected thousands of D-Link routers worldwide
The AryStinger botnet has infected over 4,000 outdated D-Link routers globally, using them as proxies for malicious traffic. The malware is previously undocumented and targets compromised devices to facilitate cyberattacks.
- New Mirai campaign exploits RCE flaw in EoL D-Link routers
A new Mirai-based malware campaign is exploiting a high-severity command-injection vulnerability (CVE-2025-29635) in D-Link DIR-823X routers to add devices to a botnet. The routers are end-of-life (EoL), making them a target for attackers.