The new version of the botnet, which first surfaced on November 15, includes exploits for the n-day vulnerability affecting EdgeMarc Enterprise Session Border Controller devices from AT&T.