InfoSecBulletin Cybersecurity for mankind
On October 24, 2025, Azure DDoS Protection detected and mitigated the largest cloud DDoS attack at 15.72 Tbps with nearly 3.64 billion packets per second, aimed at one endpoint in Australia.
Azure’s global DDoS Protection system quickly identified and mitigated threats, filtering out harmful traffic and ensuring continuous service for customer workloads.
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Critical Cisco ISE Vulnerability Enables Remote Code Execution
F5 Patches NGINX Flaw for Code Execution and DoS Attacks
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally
New Rokarolla Android malware hits 217 banking and crypto apps
Phishing Campaign Exploits Legitimate Microsoft Login Flow
ALERT
Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks
“Panthalassa” builds floating AI data centers powered by ocean waves
Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion
The attack originated from Aisuru botnet. Aisuru is a Turbo Mirai-class IoT botnet that frequently causes record-breaking DDoS attacks by exploiting compromised home routers and cameras, mainly in residential ISPs in the United States and other countries.
The attack featured high-rate UDP floods aimed at a specific public IP, originating from over 500,000 unique IPs. These sudden UDP bursts had little source spoofing and random ports, making traceback easier and allowing for provider enforcement.
An Azure attack surpasses recent records, indicating a worrying trend. Last month, on September 15, 2025, Cloudflare disclosed that it stopped a 22.5 Tbps attack, driven by a Mirai variant infecting smart devices.
In March 2025, Google Cloud fended off a 10.2 Tbps attack from Asia-Pacific botnets that used SYN floods and DNS amplification.
In 2024, AWS reported an 8.9 Tbps attack on a U.S. e-commerce site, linked to hacked routers in Eastern Europe.
Cloudflare’s 2025 Q1 DDoS Report from April showed a record number of DDoS attacks mitigated last year, marking a 198% increase from the previous quarter and a 358% rise compared to the previous year.
It blocked 21.3 million DDoS attacks against its customers in 2024, plus 6.6 million attacks on its infrastructure during an 18-day multi-vector campaign.
DDoS Scandals Hit Bangladesh ISP Sector: BTRC Prepares Crackdown
