XMRig Malware - Threat Intelligence
Type: Malware
Frequency: Mentioned 25 times
Analysis and threat intelligence on XMRig malware. Mentioned in 18 clusters and 25 articles.
Related Threat Clusters
- Critical Zero-Day Vulnerability CVE-2026-20182 Exploited in Cisco SD-WAN Systems (Threat Score: 87.2)
- ComfyUI Servers Compromised for Cryptomining and Botnet Operations (Threat Score: 74.0)
- PowMix Botnet Targets Czech Organizations with Malicious LNK Files (Threat Score: 72.5)
- OpenWebUI Servers Hijacked for Crypto Mining and Data Theft (Threat Score: 69.5)
- OpenAI Codex Fails to Mitigate Linux Threats During Cyber Incident (Threat Score: 69.0)
- GitHub Breach: 3,800 Internal Repositories Compromised via Malicious VS Code Extension (Threat Score: 68.2)
- Hola Browser Compromised to Deliver Cryptominer via Supply Chain Attack (Threat Score: 67.5)
- New Linux Malware Combines Mirai Botnet with Fileless Cryptominer (Threat Score: 62.0)
- BeatBanker Android Malware Targets Brazilian Users via Fake Starlink App (Threat Score: 60.5)
- Phishing Campaign Spoofs Ukrainian CERT to Deploy AGEWHEEZE RAT (Threat Score: 58.0)
Recent Articles
- Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer - Gbhackers
- GitHub confirms breach of 3,800 repos via malicious VSCode extension - Bleepingcomputer
- Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182) - Tenable
- Ongoing exploitation of Cisco Catalyst SD - Blog.Talosintelligence
- Codex Red: Untangling a Linux Incident With an OpenAI Twist (Part 2) - Huntress
- Nascent PowMix botnet covertly compromises Czech workforce | brief - Scworld
- UAC - Rescana
- ComfyUI instances hijacked for cryptomining and proxy botnet | brief - Scworld
- ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet - Heise.De
- Malicious campaign targeting vulnerable OpenWebUI servers: technical analysis - Cybernews