Critical Security Flaw in Wazuh Server Exploited for Mirai Botnet and DDoS Attacks

A critical security vulnerability, now patched, in the Wazuh Server is being exploited by malicious actors to deploy two distinct variants of the Mirai botnet and launch distributed denial-of-service (DDoS) attacks. Akamai, which discovered these exploitation efforts at the end of March 2025, indicated that the malicious campaign targets the vulnerability CVE-2025-24016 (CVSS score: 9.9), an unsecured deserialization flaw.