Security News

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
2025-01-13 13:33

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency...

CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
2025-01-10 09:09

Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that's disguised as an employee CRM application as part of...

Fake CrowdStrike job offer emails target devs with crypto miners
2025-01-09 21:30

CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner...

Ultralytics AI model hijacked to infect thousands with cryptominer
2024-12-06 18:54

The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...]

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
2024-11-28 10:48

Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later...

Crypto miner arrested for skipping on $3.5 million in cloud server bills
2024-04-15 18:10

The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills. The DOJ explains that the defendant created a unique scheme that utilized $3.5 million worth of cloud computing resources to mine $970,000 worth of cryptocurrency at the expense of two cloud service providers.

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
2024-01-12 07:56

Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is...

Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners
2024-01-04 10:35

Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three...

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
2023-12-20 12:59

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability to distribute malware, the Imperva Threat Research team has found. Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.

NPM packages posing as speed testers install crypto miners instead
2023-02-14 17:25

A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. The packages were uploaded onto NPM, an online repository containing over 2.2 million open-source JavaScript packages shared among software developers to speed up the coding process.