The Diicot threat group (also known as Mexals) is known for targeting Linux systems using techniques like self-propagating tools, custom UPX packers, Internet scanning, and cryptomining malware like XMRig.

Researchers at Wiz examined the risks linked to misconfigurations in Spring Boot Actuator’s endpoints that can expose sensitive information like environment variables, passwords, and API keys, potentially allowing for remote code execution.

According to researchers, 0ktapus creates phishing landing pages mimicking legitimate login sites to steal credentials, which are then used for gaining unauthorized access, deploying ransomware, and extortion.

Researchers at Wiz have identified an ongoing campaign targeting exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, known as SeleniumGreed, is exploiting older versions of Selenium to run a modified XMRig miner.

Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. The campaign is an updated variant of a financially motivated operation first reported in March 2023.

WizCase’s team of ethical hackers, led by Ata Hakç?l, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities.