In other depressing IoT news, iRobot, the maker of the popular Roomba vacuums, files for bankruptcy and sells itself to Chinese company. Hello cameras and mics in bajillions of homes.
Been working on an important series of follow-up stories about the evolution of the Aisuru botnet, an Internet-of-Things (IoT) botnet that's been blamed for successive record-smashing DDoS attacks in recent months. Meanwhile, the people who have controlled Aisuru for some time recently insisted up and down that they were not responsible for the massive Aisuru attacks of late. Hats off to Xlab for this incredible report, which explains (to a degree) how Aisuru gave rise to a distinct botnet called Kimwolf, which has an estimated 2-3 million infected hosts and is growing rapidly. I don't have to tell anyone that if 800k bots from Aisuru can down the largest sites on the internet, Kimwolf can take down entire countries.
Read this upsetting story at the BBC today about scam groups that are using terminally ill children to raise money then stiffing the parents of the funds. The story says the scam was tied to an org called Chance Letikva (chanceletikva.org) but stops short of figuring out who's responsible. I spent about 10 seconds looking at the passive DNS for this domain, and found some interesting leads. Passive DNS shows it references the email address davidm@yeahdim.co.il. That email address is tied to multiple website registrations for a person in Israel by the name of David Margaliot, and also Shoshana Margaliot. A search on this name in Domaintools finds the name David Margaliot tied to at least 25 domains, including ezri.org.il, which is a very odd site that features a huge image of a young child who is apparently in the hospital holding a gift-wrapped box with a teddy bear. The site asks for donations but has a strange mission statement: "Ezri Association promotes life-saving innovation through a surveillance drone project for emergency response teams, the establishment of an international medical knowledge database, along with other technological initiatives". I'll probably continue the rest of this in a follow-up story.
Interesting topic: If AI replaces workers, should it also pay taxes? Extensive discussion here: https://news.ycombinator.com/item?id=46268709
New, from me: Most Parked Domains Now Serving Malicious Content
Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: A new study finds the vast majority of “parked” domains — mostly expired or dormant domain names, or common misspellings of popular websites — are now configured to redirect visitors to sites that foist scams and malware. #typosquatting