Key Findings PCPJack is a credential theft framework targeting exposed cloud infrastructure across Docker, Kubernetes, Redis, MongoDB, and RayML The malware exploits five CVEs (CVE-2025-55182, CVE-2025-29927, CVE-2026-1357, CVE-2025-9501, CVE-2025-48703) to spread worm-like across networks PCPJack actively removes TeamPCP artifacts from compromised systems, suggesting possible connection to former TeamPCP members Stolen credentials are exfiltrated via Telegram and include acc