Unupdated TP-Link Archer routers have emerged as the focus of a recent botnet initiative referred to as Ballista, based on recent discoveries from the Cato CTRL team.
“The botnet takes advantage of a remote code execution (RCE) flaw in TP-Link Archer routers (CVE-2023-1389) to propagate itself autonomously across the Internet,” cybersecurity analysts Ofek Vardi and Matan Mittelman mentioned in a technical report distributed to