ALL POSTS

Key Findings The AISURU/Kimwolf botnet hit a record-breaking 31.4 Tbps DDoS attack that lasted just 35 seconds in November 2025. Cloudflare automatically detected and blocked the attack as part of a surge in hyper-volumetric HTTP DDoS attacks observed in late 2025. The number and size of DDoS attacks increased significantly in 2025, with a 40% rise in hyper-volumetric attacks in Q4 2025 compared to the previous quarter. The largest attacks targeted Cloudflare customers in the

Key Findings The Aisuru/Kimwolf botnet launched a record-setting DDoS attack that peaked at 31.4 Tbps and 200 million requests per second. The attack was part of a broader campaign targeting multiple organizations, primarily in the telecommunications and IT sectors. Cloudflare automatically detected and mitigated the attack, which they dubbed "The Night Before Christmas" due to its timing in late December 2025. The Aisuru/Kimwolf botnet is a large-scale network of malware-inf

Key Findings The Kimwolf Android botnet has infected over 2 million devices, primarily through the exploitation of residential proxy networks. The botnet primarily targets low-cost, unofficial Android TV boxes that are left insecure or intentionally configured as proxy nodes. Kimwolf is believed to be an Android variant of the AISURU botnet, with connections to a series of record-setting DDoS attacks. The botnet uses a scanning infrastructure that leverages residential proxie

Key Findings The Kimwolf Android botnet has infected over 1.8 million devices globally, primarily targeting TV boxes It uses advanced techniques like DNS over TLS, elliptic curve digital signatures, and blockchain domains to evade detection The botnet is capable of massive DDoS attacks, issuing over 1.7 billion commands in a three-day period Kimwolf shares code with the Aisuru botnet family but has been heavily redesigned to avoid detection Background The Kimwolf botnet was f

Key Findings DDoS attacks will increasingly be used as diversion tactics to draw attention away from more damaging activities API-first architectures will increase exposure to misconfigurations and business logic abuse Integrated WAAP platforms will overtake fragmented web security architectures AI-driven DDoS mitigation will become essential against hyper-scale attacks Regulatory pressure will intensify as cybersecurity oversight expands across Europe Background Cybersecurit

Key Findings Cloudflare mitigated the largest ever distributed denial-of-service (DDoS) attack, measuring 29.7 terabits per second (Tbps) The attack originated from the AISURU DDoS botnet-for-hire, which has been linked to numerous high-volume DDoS attacks over the past year The 69-second attack did not disclose the target, but AISURU has targeted telecommunication providers, gaming companies, hosting providers, and financial services AISURU is believed to be powered by a mas

Key Findings Microsoft disclosed that it automatically detected and mitigated a 15.72 Tbps DDoS attack, the largest ever observed in the cloud, targeting a single endpoint in Australia. The attack originated from the AISURU botnet, a Mirai-class IoT botnet powered by nearly 300,000 infected devices, mainly routers, security cameras, and DVR systems. The attack involved massive UDP floods from over 500,000 source IPs across various regions, with minimal spoofing and random sou