The Hacker News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.
Threat Post

Norman Cryptominer Employs Sophisticated Obfuscation Tactics

A new XMRig Monero cryptominer stands apart, despite its non-flashy name. A never-before-seen cryptomining variant, dubbed “Norman” after one of its executable files, has been spotted in the wild ...
Bleeping Computer

Misconfigured Selenium Grid servers abused for Monero mining

Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. Selenium Grid is open-source ...
Bleeping Computer

Fake CrowdStrike job offer emails target devs with crypto miners

CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig ...