<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-06-08T10:43:33.217779+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1c1cf615-6580-4be5-9d3e-b5ee02a3e847/export</id>
    <title>1c1cf615-6580-4be5-9d3e-b5ee02a3e847</title>
    <updated>2026-06-08T10:43:33.558095+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1c1cf615-6580-4be5-9d3e-b5ee02a3e847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27137", "type": "seen", "source": "https://infosec.exchange/users/VirusBulletin/statuses/116691019017195575", "content": "Vincent Li at FortiGuard Labs analyses C0XMO, a new Gafgyt variant discovered in March 2026 that spreads by exploiting CVE-2021-27137. A key change is the separation of lateral movement into a standalone Python script, helping the botnet target multiple architectures and device types. https://www.fortinet.com/blog/threat-research/inside-cross-platform-propagation-of-new-gafgyt-variant-c0xmo", "creation_timestamp": "2026-06-04T09:00:51.199952Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1c1cf615-6580-4be5-9d3e-b5ee02a3e847/export"/>
    <published>2026-06-04T09:00:51.199952+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/892f8cd5-f027-4216-a9f4-820c5d13baeb/export</id>
    <title>892f8cd5-f027-4216-a9f4-820c5d13baeb</title>
    <updated>2026-06-08T10:43:33.558021+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "892f8cd5-f027-4216-a9f4-820c5d13baeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27137", "type": "seen", "source": "https://bsky.app/profile/virusbtn.bsky.social/post/3mnhb5w3wbk2o", "content": "Vincent Li at FortiGuard Labs analyses C0XMO, a new Gafgyt variant that spreads by exploiting CVE-2021-27137. A key change is the separation of lateral movement into a standalone Python script, helping the botnet target multiple architectures and device types. www.fortinet.com/blog/threat-...", "creation_timestamp": "2026-06-04T09:00:52.029145Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/892f8cd5-f027-4216-a9f4-820c5d13baeb/export"/>
    <published>2026-06-04T09:00:52.029145+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0db5a276-5700-44ef-a0a4-ed1c0f59eb86/export</id>
    <title>0db5a276-5700-44ef-a0a4-ed1c0f59eb86</title>
    <updated>2026-06-08T10:43:33.557946+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0db5a276-5700-44ef-a0a4-ed1c0f59eb86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27137", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnj5ifvhld2l", "content": "FortiGuard Labs found C0XMO, a modular Gafgyt variant exploiting CVE-2021-27137 on DD-WRT routers, using Python scanning to spread across Linux and IoT devices with persistence and DDoS features. #C0XMO #Gafgyt #DDWRT", "creation_timestamp": "2026-06-05T03:00:26.524345Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0db5a276-5700-44ef-a0a4-ed1c0f59eb86/export"/>
    <published>2026-06-05T03:00:26.524345+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0ff28e04-7384-4ba6-8379-84881a799956/export</id>
    <title>0ff28e04-7384-4ba6-8379-84881a799956</title>
    <updated>2026-06-08T10:43:33.557843+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0ff28e04-7384-4ba6-8379-84881a799956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27137", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnpqpkmbya2x", "content": "C0XMO, a modular Gafgyt botnet, targets DD-WRT routers via CVE-2021-27137, brute-forces weak SSH/Telnet logins, and kills rival malware while spreading across many device architectures. #C0XMO #Gafgyt #DDWRT", "creation_timestamp": "2026-06-07T18:00:26.647208Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0ff28e04-7384-4ba6-8379-84881a799956/export"/>
    <published>2026-06-07T18:00:26.647208+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/220ff201-319d-45fa-b93a-c0d64ec6e6fb/export</id>
    <title>220ff201-319d-45fa-b93a-c0d64ec6e6fb</title>
    <updated>2026-06-08T10:43:33.555214+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "220ff201-319d-45fa-b93a-c0d64ec6e6fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2021-27137", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnqwigyq2f24", "content": "\ud83d\udcf0 Botnet C0XMO Meluas Lewat Celah DD-WRT: Luncurkan Serangan DDoS dan Basmi Malware Pesaing\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/08/botnet-c0xmo-serang-router-dd-wrt-dan-hapus-malware-pesaing/\n\n#botnetC0xmo #cve-2021-27137 #dd-wrt #fortinet #gafgyt #keamananSiber #mal", "creation_timestamp": "2026-06-08T05:16:28.674906Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/220ff201-319d-45fa-b93a-c0d64ec6e6fb/export"/>
    <published>2026-06-08T05:16:28.674906+00:00</published>
  </entry>
</feed>
