Cybersecurity firm Trend Micro has reported that an unidentified threat actor is abusing unprotected Docker Remote API servers to carry out perfctl malware attacks. The attack begins with probing and payload execution; a Docker container is then created with specific settings, and a Base64-encoded payload is executed. This allows the creation of a bash script, the setting of environment variables, and the download of a malicious binary disguised as a PHP extension.

NATO to launch new cyber center by 2028: Official – Breaking Defense


