Threat actors are targeting vulnerable Docker services by deploying the XMRig cryptocurrency miner and the 9Hits Viewer software to make money from compromised hosts. The method used to spread the malware is unclear but is likely to involve scanning for prospects using search engines. The servers are breached to deploy two malicious containers via the Docker API, leaving the servers unable to perform as expected.
Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code
Google has swiftly addressed a high-severity flaw in its Chrome browser’s V8 JavaScript engine, releasing an emergency update to thwart potential remote code execution attacks.
