-
Amazon: Ongoing cryptomining campaign uses hacked AWS accounts
Amazon's AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for Identity and Access Management (IAM).
- December 17, 2025
- 04:48 PM
0
-
New Koske Linux malware hides in cute panda images
A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory.
- July 24, 2025
- 04:54 PM
2
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Hacker arrested for breaching 5,000 hosting accounts to mine crypto
The Ukrainian police arrested a 35-year-old hacker who breached 5,000 accounts at an international hosting company and used them to mine cryptocurrency, resulting in $4.5 million in damages.
- June 04, 2025
- 03:38 PM
- 0
-
Malicious VSCode extensions infect Windows with cryptominers
Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
- April 07, 2025
- 01:18 PM
- 0
-
YouTubers extorted via copyright strikes to spread malware
Cybercriminals are sending bogus copyright claims to YouTubers to coerce them into promoting malware and cryptocurrency miners on their videos.
- March 08, 2025
- 10:11 AM
- 1
-
Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners
A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry's Mod, BeamNG.drive, and Dyson Sphere Program.
- February 18, 2025
- 04:25 PM
- 2
-
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig).
- January 09, 2025
- 04:30 PM
- 0
-
Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.
- December 20, 2024
- 12:47 PM
- 0
-
Crypto-stealing malware campaign infects 28,000 people
Over 28,000 people from Russia, Turkey, Ukraine, and other countries in the Eurasian region were impacted by a large-scale cryptocurrency-stealing malware campaign.
- October 09, 2024
- 05:22 PM
- 0
-
New Linux malware Hadooken targets Oracle WebLogic servers
Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks.
- September 13, 2024
- 01:05 PM
- 0
-
P2PInfect botnet targets REdis servers with new ransomware module
P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers.
- June 25, 2024
- 06:00 AM
- 0
-
RUBYCARP hackers linked to 10-year-old cryptomining botnet
A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain.
- April 09, 2024
- 11:30 AM
- 0
-
Hackers exploit Ray framework flaw to breach servers, hijack resources
A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.
- March 26, 2024
- 02:51 PM
- 0
-
New Migo malware disables protection features on Redis servers
Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency.
- February 20, 2024
- 02:38 PM
- 0
-
Docker hosts hacked in ongoing website traffic theft scheme
A new campaign targeting vulnerable Docker services deploys an XMRig miner and the 9hits viewer app on compromised hosts, allowing a dual monetization strategy.
- January 18, 2024
- 06:00 AM
- 0
-
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
- November 20, 2023
- 11:54 AM
- 0
-
StripedFly malware framework infects 1 million Windows, Linux hosts
A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time.
- October 26, 2023
- 10:47 AM
- 2
-
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers.
- September 26, 2023
- 10:20 AM
- 0
-
New PyLoose Linux malware mines crypto directly from memory
A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining.
- July 12, 2023
- 05:50 PM
- 0
-
Pirated Final Cut Pro infects your Mac with cryptomining malware
Security researchers discovered a cryptomining operation targeting macOS with a malicious version of Final Cut Pro that remains largely undetected by antivirus engines.
- February 23, 2023
- 01:34 PM
- 0
