Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw

Threat actors are actively exploiting AI distribution platforms like Hugging Face and ClawHub to deliver malware by embedding malicious code within models, datasets, and agent extensions. Over 575 malicious skills across 13 developer accounts were identified in the OpenClaw ecosystem, targeting Windows and macOS with trojans, cryptominers, and AMOS stealer. Attackers abuse trust relationships between users and AI platforms through indirect prompt injection, where hidden instructions cause AI agents to execute malicious actions on behalf of users. Trojanized skills masquerade as legitimate tools while instructing users to execute encoded commands or install hidden malicious dependencies. On Hugging Face, repositories host payloads within multistep infection chains disguised as legitimate applications. These campaigns employ social engineering, obfuscation, encryption, in-memory execution, process injection, and persistence techniques to evade detection while establishing covert command-and-control communica...

Pulse ID: 6a01c2363e7f67fcbed473cb
Pulse Link: https://otx.alienvault.com/pulse/6a01c2363e7f67fcbed473cb
Pulse Author: AlienVault
Created: 2026-05-11 11:49:10

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AMOS #CryptoMiner #CyberSecurity #Encryption #HuggingFace #InfoSec #Mac #MacOS #Malware #OTX #OpenThreatExchange #Rust #SocialEngineering #SupplyChain #Trojan #Windows #bot #AlienVault

PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale

PCPJack is a sophisticated credential theft framework that propagates across exposed cloud infrastructure while systematically removing artifacts linked to TeamPCP, a threat actor behind notable 2026 supply chain compromises. The toolset harvests credentials from cloud platforms, containers, developer tools, productivity applications, and financial services, exfiltrating data through attacker-controlled infrastructure. It targets exposed Docker, Kubernetes, Redis, MongoDB, RayML services and vulnerable web applications, enabling external propagation and lateral movement. Unlike typical cloud malware, PCPJack deploys no cryptominers, focusing instead on credential theft for monetization through fraud, spam campaigns, extortion, or access resale. The framework uses modular Python scripts orchestrated by a central component, employs Common Crawl data for target selection, and utilizes Telegram for command and control communications.

Pulse ID: 69fd0520d3687243cca2f973
Pulse Link: https://otx.alienvault.com/pulse/69fd0520d3687243cca2f973
Pulse Author: AlienVault
Created: 2026-05-07 21:33:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CryptoMiner #CyberSecurity #Docker #Extortion #InfoSec #Malware #OTX #OpenThreatExchange #Python #RAT #Redis #Spam #SupplyChain #Telegram #Troll #Worm #bot #AlienVault

Untangling a Linux Incident With an OpenAI Twist (Part 2)

A Linux endpoint was simultaneously compromised by at least two distinct threat actors while the developer user relied on OpenAI's Codex AI agent for security remediation. Actor A deployed a cryptominer mining Monero to a private pool. Actor B installed a multi-revenue botnet including XMRig mining, residential proxy services, and bandwidth-selling components with eight different persistence mechanisms. Actor C, potentially affiliated with Actor B, executed mass data exfiltration of 15 categories including SSH keys, cloud credentials, and API tokens. The threat actors exploited CVE-2025-55182 (React2Shell) affecting Next.js and React applications. While Codex identified some threats, it lacked contextual awareness and privileged access needed for comprehensive incident response, creating additional noise that complicated SOC investigation. The endpoint was ultimately secured through managed EDR telemetry and expert SOC analysis.

Pulse ID: 69e95245cf3877ded3870cff
Pulse Link: https://otx.alienvault.com/pulse/69e95245cf3877ded3870cff
Pulse Author: AlienVault
Created: 2026-04-22 22:57:09

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CryptoMiner #CyberSecurity #EDR #Endpoint #InfoSec #Linux #OTX #OpenThreatExchange #Proxy #RAT #SMS #SSH #bot #botnet #AlienVault

Untangling a Linux Incident With an OpenAI Twist

A technology sector organization experienced a multi-actor compromise on a Linux endpoint where cryptominers were deployed and credential harvesting occurred. The incident became complex when the legitimate user attempted to troubleshoot suspected malicious activity using OpenAI's Codex AI agent while threat actors remained active on the system. The EDR agent was installed mid-compromise, limiting historical visibility. Codex-generated commands created investigative challenges as they mimicked attacker techniques, triggering security detections and complicating the distinction between legitimate troubleshooting and malicious activity. While Codex helped terminate some malicious processes, it failed to provide complete remediation, allowing threat actors to continue exfiltrating credentials, tokens, and cloud metadata through multiple persistence mechanisms.

Pulse ID: 69e2417e5e4fdd5f16c75dbe
Pulse Link: https://otx.alienvault.com/pulse/69e2417e5e4fdd5f16c75dbe
Pulse Author: AlienVault
Created: 2026-04-17 14:19:42

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CredentialHarvesting #CryptoMiner #CyberSecurity #EDR #Endpoint #InfoSec #Linux #Mimic #OTX #OpenThreatExchange #RAT #SMS #bot #AlienVault

Watch out as new .NET AOT malware hides its code as a black box, making detection far harder while delivering Rhadamanthys infostealer and crypto miner.

Read: https://hackread.com/net-aot-malware-code-black-box-evade-detection/

#CyberSecurity #Rhadamanthys #InfoStealer #CryptoMiner

I had a chance last week to chat with Benjamin Read of #Wiz. Last month, Read and other members of his team published a deep dive into the #React2Shell
(CVE-2025-55182) vulnerability, and I was curious to see what has been hitting my honeypot, so I took a closer look.

This is doing some weird stuff, friends.

As is normally the case with exploits targeting internet-facing devices, once the exploit becomes known, it ends up in the automated scanners used by threat actors and security researchers. What I've seen over the past week is a combination of both.

In just a few hours of operation, I identified a small number of source IP addresses exploiting React2Shell by pointing the vulnerable system at URLs hosting BASH scripts. These scripts are really familiar to anyone who routinely looks at honeypot data - they contain a series of commands that pull down and execute malicious payloads.

And as I've seen in the past, some of these payloads use racially inflammatory language in their malware. It's weird and gross, but unfortunately, really common.

But while most of these payloads were "the usual suspects" - remote shells, cryptocurrency miners - there was one payload that stuck out.

It's an exploit file, based on this proof-of-concept [https://github.com/iotwar/FIVEM-POC/blob/main/fivem-poc.py] designed to DDoS a modded server running "FiveM," a popular version of the game Grand Theft Auto V.

Let that one sink in: among the earliest adopters of a brand new exploit are...people trying to mess with other people's online game servers.

I've long said that exploits like these are the canaries in the datacenter coal mine. After all, if an attacker can force your server to run a cryptominer (or a game DDoS tool), they can force it to run far more malicious code.

I guess someone, or a group of someones, just want to ruin everyone's good time, no matter how or what form that takes. And they'll do it in the most offensive way possible.

Anyway, patch your servers, please, if only to stick it to these people who want to be the reason we can't have nice things.

#PoC #exploit #CVE_2025_55182 #DDoS #FiveM #REACT #Bash #cryptominer #malware

VPS của tôi liên tục bị nhiễm cryptominer ngay sau khi cài lại Ubuntu 24.04. Bots tấn công mật khẩu root trong khoảng thời gian từ lúc khởi động đến khi chạy script bảo mật bằng Ansible. Triệu chứng: CPU 100%, tiến trình gây nghi ngờ (XMRig), nhật ký hệ thống bị xóa. Câu hỏi: Mật khẩu 50 ký tự có đủ mạnh? Làm thế nào để khóa máy chủ trong giai đoạn cài đặt? #securitytips #cryptomining #Ubuntu #VPS

Tags: #VPSan ninh #cryptominer #Ubuntu2404 #Ansible #BruteForce #Kinhnghiệmthựctế #Hethongdichvu

Crypto Miner in hotio/qbittorrent

https://apogliaghi.com/2025/09/crypto-miner-in-hotio/qbittorrent/

#HackerNews #CryptoMiner #hotio #qbittorrent #cryptocurrency #technology

A Linux cryptominer has been quietly spreading malware for years by hijacking legit websites with SSL certs.

🔗 https://hackread.com/linux-cryptominer-using-legit-sites-to-spread-malware/

#CyberSecurity #Linux #Cryptominer #Malware #Crypto

Finally completed my rebuild of my #Grafana #prometheus #vps stack.

The old one was hosed in a 3 month battle with a #cryptominer
It was #docker but they kept fucking the Prometheus container.

I rebuild everything from scratch. The panels are integrated into a single JSON file, rather than in libraries.

The stack is now #podman. Rootless execution.
But I couldn't get it to get #cadvisor to feed it.
So I got a dodgy scraper script.
But even with nice, it loads the low tier VPS to 14%

#selfhosting