top of page
ALL POSTS
Cloud Under Siege: P2Pinfect Botnet Threats Targeting Kubernetes Infrastructure
Key Findings FortiGuard Labs identified persistent P2Pinfect botnet activity within Google Kubernetes Engine clusters targeting multiple enterprise clients One network compromise persisted for six months, demonstrating advanced operational dedication Initial infections originated from exposed Redis instances requiring no complex exploitation, only basic misconfigurations P2Pinfect uses peer-to-peer mesh architecture written in Rust, eliminating single points of failure and de
May 253 min read
36 Malicious npm Packages Deploy Redis and PostgreSQL Persistent Implants
Key Findings 36 malicious npm packages masquerading as Strapi CMS plugins uploaded by four sock puppet accounts over 13 hours Eight distinct payload variants reveal real-time attack development against a specific target Exploitation chain includes Redis RCE, PostgreSQL database theft, Docker container escape, and persistent C2 implants Packages target cryptocurrency platform infrastructure with hardcoded database credentials and wallet-specific data harvesting Postinstall scr
Apr 54 min read
bottom of page
