#Cryptojacking

Cybersecurity News Everyday

@hendryadrian.bsky.social

3 days ago

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants Researchers discovered 36 malicious npm packages masquerading as Strapi v3 plugins that use postinstall scripts to exploit Redis and PostgreSQL, deploy reverse shells, harvest credentials, and install persistent implants. The packages, published by four sock-puppet accounts and named to mimic legitimate Strapi plugins, likely target cryptocurrency-related assets and include attempts to...

36 malicious npm packages disguised as Strapi v3 plugins exploited Redis and PostgreSQL to deploy persistent implants, harvest credentials, and exfiltrate Guardarian data. Targets likely include crypto assets. #NodeJS #Cryptojacking #Indonesia

CyberTaters

@potato.software

4 weeks ago

🚨 Uncovering the Cryptojacking Campaign Targeting DevOps Tools! 🚨 Dive into our latest blog post to stay informed and protect your projects. 💻🔒 Read more here: innovirtuoso.com/potatosecurity/uncoverin... #Potatosecurity #DevOps #Cryptojacking

David @ InnoVirtuoso

@innovirtuoso.bsky.social

4 weeks ago

Uncovering the Cryptojacking Campaign Targeting DevOps Tools This blog post explores the growing threat of cryptojacking and its impact on DevOps environments. It delves into the techniques used in the Jinx-0132

🚨 Uncovering the Cryptojacking Campaign Targeting DevOps Tools! 🚨 Dive into our latest blog post to stay informed and protect your projects. 💻🔒 Read more here: innovirtuoso.com/cybersecurity/uncovering... #Cybersecurity #DevOps #Cryptojacking

CyberMaterial

@cybermaterial.bsky.social

1 month ago

Wormable XMRig Uses BYOVD Exploit
Read More: buff.ly/tYmgrV7

#XMRig #Cryptojacking #BYOVD #BringYourOwnVulnerableDriver #MalwareSpread #AirGappedRisk #ThreatResearch #CyberThreat

The Daily Tech Feed

@thedailytechfeed.com

1 month ago

New cryptojacking campaign exploits BYOVD and logic bombs to deploy XMRig miner. Stay vigilant! #CyberSecurity #Cryptojacking #XMRig #BYOVD #LogicBomb Link: thedailytechfeed.com/advanced-cry...

iT4iNT SERVER

@it4intserver.bsky.social

1 month ago

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. "Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated, multi-stage infection prioritizing maximum cryptocurrency mining hashrate, often destabilizing the victim

iT4iNT SERVER Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb VDS VPS Cloud #Cybersecurity #Cryptojacking #XMRig #BYOVD #Malware

The Daily Tech Feed

@thedailytechfeed.com

2 months ago

Alert: Malicious PyPI package 'sympy-dev' impersonates SymPy to deploy XMRig miner on Linux systems. Developers, verify package authenticity to protect your projects. #CyberSecurity #PyPI #Cryptojacking Link: thedailytechfeed.com/malicious-py...

FunctionalProgramming

@functionalprogramming.activitypub.awakari.com.ap.brid.gy

4 months ago

Hackers turn open-source AI framework into global cryptojacking operation Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions in...

#AI #Cybersecurity #Research #Artificial #Intelligence […]

[Original post on cyberscoop.com]

FunctionalProgramming

@functionalprogramming.activitypub.awakari.com.ap.brid.gy

4 months ago

Hackers turn open-source AI framework into global cryptojacking operation Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions in...

#AI #Cybersecurity #Research #Artificial #Intelligence […]

[Original post on cyberscoop.com]

Hackread.com

@hackread.bsky.social

5 months ago

Hackers Hijack Corporate XWiki Servers for Crypto Mining Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackers are hijacking corporate #XWiki servers using flaw CVE-2025-24893 to install cryptominers and gain full server access. Patch now. 🔒

Read: hackread.com/hackers-hija...

#CyberSecurity #RCE #Cryptojacking #XWiki #InfoSec

AlphaHunt Converge

@alphahunt.io

6 months ago

TA-NATALSTATUS: Rootkit-Style Cryptojacking Dominates Exposed Redis Servers Globally If Redis is open to the internet, assume compromise. This actor gains root with native Redis tricks, plants miners, and hides using “rootkit-style” evasion. Here’s how to spot it fast and close the…

Exposed Redis? Congrats — TA‑NATALSTATUS turns it into rootkit-style crypto mining: renamed ps/top, chattr +i locks, cron persistence. Lock Redis or pay the cloud bill. 🔥😈

Read the full breakdown and fixes -> blog.alphahunt.io/ta-natalstat...

#AlphaHunt #CyberSecurity #Redis #Cryptojacking

2rZiKKbOU3nTafniR2qMMSE0gwZ

@2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy

6 months ago

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions The malware now uses a four-stage infection chain, has an additional persistence mechanism, and also targets Firefox browser dat...

#Malware #& #Threats #cryptojacking #macOS #malware #malware #XCSSET

Origin | Interest | Match

David @ InnoVirtuoso

@innovirtuoso.bsky.social

6 months ago

Uncovering the Cryptojacking Campaign Targeting DevOps Tools This blog post explores the growing threat of cryptojacking and its impact on DevOps environments. It delves into the techniques used in the Jinx-0132

🚨 Uncovering the Cryptojacking Campaign Targeting DevOps Tools! 🚨 Dive into our latest blog post to stay informed and protect your projects. 💻🔒 Read more here: innovirtuoso.com/cybersecurity/uncovering... #Cybersecurity #DevOps #Cryptojacking

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

Reverse-Engineering

@reverse-engineering.activitypub.awakari.com.ap.brid.gy

6 months ago

Massive NPM Supply Chain Attack Earned Only $600 for Attackers A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compr...

#Cyber #News #Firewall #Daily #Cryptojacking […]

[Original post on thecyberexpress.com]

2rZiKKbOU3nTafniR2qMMSE0gwZ

@2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy

6 months ago

Highly Popular NPM Packages Poisoned in New Supply Chain Attack Designed to intercept cryptocurrency transactions, the malicious code reached 10% of cloud environments. The post Highly Popular NPM ...

#Application #Security #Supply #Chain #Security […]

[Original post on securityweek.com]

The Daily Tech Feed

@thedailytechfeed.com

6 months ago

New cryptojacking campaign exploits misconfigured Docker APIs via TOR, expanding attack vectors and potential botnet formation. Stay vigilant! #CyberSecurity #Cryptojacking #Docker #TOR Link: thedailytechfeed.com/expanding-cr...