#cryptomining

[ follow ]
#cve-2025-55182 #react2shell #linux-kernel #react-exploit #vulnerability-management #aws-security
Information security
fromThe Hacker News
1 day ago

ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories

Small, quiet shifts across systems—abused trusted tools and unnoticed vulnerabilities—are causing privilege escalation, cryptomining infections, and broader erosion of access, data, and trust.
fromTheregister
1 month ago

Crypto crooks co-opt stolen AWS creds to mine coins

Your AWS account could be quietly running someone else's cryptominer. Cryptocurrency thieves are using stolen Amazon account credentials to mine for coins at the expense of AWS customers, abusing their Elastic Container Service (ECS) and their Elastic Compute Cloud (EC2) resources, in an ongoing operation that started on November 2. The illicit cryptocurrency-mining campaign abuses compromised valid AWS Identity and Access Management (IAM) credentials with "admin-like privileges" - it doesn't exploit a vulnerability -
Information security
Information security
fromTheregister
1 month ago

React2Shell vuln exploited by China, Iran, Google warns

Multiple Chinese state-linked groups, Iran-associated actors, and criminals are exploiting React2Shell (CVE-2025-55182) to deploy backdoors, tunnelers, and cryptominers.
Information security
fromTheregister
1 month ago

Half of exposed React servers remain unpatched amid attacks

Half of internet-facing React server systems remain unpatched against CVE-2025-55182, enabling widespread unauthenticated remote code execution exploitation across diverse attack clusters.
[ Load more ]