Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts.
« The attacker used a modified version of XMRig with a hard-« coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders, » Wiz researchers Yaara Shriki and Gili
