H2Miner Attacking Linux, Windows, and Containers to Mine Monero

July 17, 2025

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

The H2Miner botnet, first observed in late 2019, has resurfaced with an expanded arsenal that blurs the line between cryptojacking and ransomware.
The latest campaign leverages inexpensive virtual pri …

Published Date:
Jul 17, 2025 (4 hours, 53 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2023-46604

Source: Read More

Previous ArticleWatch out, another max-severity, make-me-root Cisco bug on the loose

Next Article 4M+ Internet-Exposed Systems at Risk From Tunneling Protocol Vulnerabilities

Highlights

CVE-2025-27819 – Apache Kafka SASL JAAS JndiLoginModule RCE/DOS

June 10, 2025

CVE ID : CVE-2025-27819

Published : June 10, 2025, 8:15 a.m. | 1 hour, 29 minutes ago

Description : In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.

Since Apache Kafka 3.4.0, we have added a system property (“-Dorg.apache.kafka.disallowed.login.modules”) to disable the problematic login modules usage in SASL JAAS configuration. Also by default “com.sun.security.auth.module.JndiLoginModule” is disabled in Apache Kafka 3.4.0, and “com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule” is disabled by default in in Apache Kafka 3.9.1/4.0.0

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

CVE-2025-6887 – Tenda AC5 Stack-Based Buffer Overflow Vulnerability

CVE-2025-42992 – SAPCAR Privilege Escalation Vulnerability

This AI Paper from ByteDance Introduces a Hybrid Reward System Combining Reasoning Task Verifiers (RTV) and a Generative Reward Model (GenRM) to Mitigate Reward Hacking

It only took Call of Duty: Warzone going back in time to make the game so much better — to the point even I enjoy it now

CVE-2025-27819 – Apache Kafka SASL JAAS JndiLoginModule RCE/DOS

How Node.js Handles Async Operations

OneNote Adds ‘Paste Text Only’ Across Windows, Mac, and Web

This MagSafe accessory just duped the most premium wallet I’ve tried for $30

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

Related Posts