Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022.

According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months.

First observed in September 2022, the RedGoBot campaign involves dropping a shell script that's designed to download a number of botnet clients tailored to different CPU architectures.

The findings once again underscore the importance of updating software in a timely fashion to avoid exposure to potential threats.

"The surge of attacks leveraging CVE-2021-35394 shows that threat actors are very interested in supply chain vulnerabilities, which can be difficult for the average user to identify and remediate," the researchers concluded.

"These issues can make it difficult for the affected user to identify the specific downstream products that are being exploited."