Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

Researchers studying cybersecurity have discovered that attackers may be able to use Jenkins Script Console instances that aren’t configured correctly as weapons to carry out illegal actions like mining cryptocurrencies.

Attackers can access the ‘/script’ endpoint due to misconfigurations such incorrectly configured authentication procedures, according to a technical write-up released last week by Shubham Singh and Sunil Bharti of Trend Micro. Malicious actors may take advantage of this and cause remote code execution (RCE).

Users can run any Groovy script within the Jenkins controller runtime using the Groovy script console included in the well-known continuous integration and delivery (CI/CD) platform Jenkins read more about Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *