> TritonInfoSec News
Home / May 28, 2026 / Story
0
#1 BleepingComputer general May 27, 2026 at 13:28 UTC

Glassworm botnet disrupted after resilient C2 infrastructure takedown

By Ionut Ilascu

AI Summary

The Glassworm botnet, active since early 2025, targeted software developers through malicious packages and extensions in supply chain attacks. CrowdStrike, Google, and Shadowserver simultaneously took down all four C2 servers, which used resilient infrastructure including Solana blockchain transactions and the BitTorrent DHT network to evade takedowns. This disruption is significant for security teams protecting software development pipelines and open-source ecosystems.

Read full article → https://www.bleepingcomputer.com/news/security/gla…

Relevance score: 88.0/100

# More from May 28

  1. 2
    CISA gives feds 4 days to patch actively exploited cPanel plugin flaw BleepingComputer
  2. 3
    Iranian intelligence service behind hack of LA transit system, researchers say The Record
  3. 4
    FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data SecurityWeek
  4. 5
    Gitea Vulnerability Exposes Private Container Images without Authentication The Hacker News
  5. 6
    Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries SecurityWeek
  6. 7
    Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment SecurityWeek
  7. 8
    Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands SecurityWeek
  8. 9
    CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks The Hacker News
  9. 10
    185,000 Likely Impacted by 7-Eleven Data Breach SecurityWeek