Security researchers found cybercriminals exploiting misconfigurations in popular public DevOps tools to deploy cryptocurrency miners.
The campaign, attributed to a threat actor named JINX-0132, targeted DevOps tools such as Nomad, Consul, Docker Engine API, and Gitea.
Approximately a quarter of all cloud environments are running at least one of the vulnerable technologies, with 20% running HashiCorp Consul.
To mitigate risks, companies are advised to implement strict access controls, conduct security audits, apply patches promptly, monitor systems for unusual activity, and strengthen authentication measures.