Today > | 1 Medium vulnerabilities - You can now download lists of IOCs here!
3 attack reports | 0 vulnerabilities
A new cryptojacking campaign targeting Docker Engine API has been discovered, with the ability to move laterally to Docker Swarm, Kubernetes, and SSH servers. The attackers exploit exposed Docker API endpoints to deploy cryptocurrency miners and additional malicious payloads. They utilize Docker Hu…
This report examines the threat actors behind a 2023 cryptojacking campaign targeting misconfigured Kubernetes clusters, focusing on their evolving techniques to avoid detection. It analyzes the malicious Docker images they deployed, the hardcoded wallet and pool information in the DERO miner binar…
Microsoft security researchers have uncovered an attack campaign exploiting recently disclosed critical vulnerabilities in the OpenMetadata platform to gain unauthorized access to Kubernetes clusters, followed by reconnaissance and the deployment of crypto-mining malware. The vulnerabilities, affec…