Threat actors are exploiting critical flaws in outdated GeoVision IoT devices and Samsung MagicINFO 9 Server to deploy Mirai-based botnets for DDoS attacks. Even patched versions of MagicINFO remain vulnerable. Users are urged to upgrade devices and apply mitigations immediately.