According to researchers, 0ktapus creates phishing landing pages mimicking legitimate login sites to steal credentials, which are then used for gaining unauthorized access, deploying ransomware, and extortion.

Researchers at Wiz have identified an ongoing campaign targeting exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, known as SeleniumGreed, is exploiting older versions of Selenium to run a modified XMRig miner.

Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. The campaign is an updated variant of a financially motivated operation first reported in March 2023.

WizCase’s team of ethical hackers, led by Ata Hakç?l, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities.