Threat Research

    GeoServer, Where Various CoinMiner Attacks Occur

    Researchers identified multiple attack campaigns abusing a GeoServer remote code execution flaw (CVE-2024-36401). The attackers indiscriminately scan the internet for exposed and vulnerable GeoServer instances. After gaining access, they install XMRig-based cryptocurrency miners on compromised servers....
    12/30/2025  0
    Read More »

    XiebroC2 Identified In MS-SQL Server Attack Cases

    Our team recently identified an attack on a misconfigured MS-SQL server involving XiebroC2, an open-source command-and-control (C2) framework similar to CobaltStrike. The attacker exploited weak credentials to gain access and attempted to install various malware, including coin miners and JuicyPotato for privilege escalation....
    10/7/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.