TechRadar

Docker API targeted by cryptojacking campaign looking to build mega botnet

Hackers have been spotted using the Docker Engine API to target various containers with cryptojackers and other malware. Cybersecurity researchers at Datadog, who recently observed one such campaign ...
Infosecurity-magazine.com

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...
Infosecurity-magazine.com

Crypto-Mining Botnet Goes After Misconfigured Docker APIs

A notorious cryptocurrency mining botnet has begun targeting misconfigured Docker APIs, according to CrowdStrike. LemonDuck has been observed exploiting ProxyLogon vulnerabilities in Microsoft ...
Threat Post

Attack Uses Docker Containers To Hide, Persist, Plant Malware

Abuse of the Docker API allows remote code execution on targeted system, which enables hackers to escalate and persists thanks to novel attacks called Host Rebinding Attack and Shadow Containers. LAS ...
CSOonline

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet ...