| raw_data |
{"id": 459720, "content": "【黑客 {"id": 459720, "content": "【黑客利用公共DevOps工具进行加密货币挖矿攻击】金色财经报道,安全公司 Wiz 发现代号 JINX-0132 的黑客组织正大规模利用 DevOps 工具配置漏洞进行加密货币挖矿攻击。该攻击主要针对 HashiCorp Nomad/Consul、Docker API 和 Gitea 等工具,约 25%的云环境存在风险。攻击手法包括:利用 Nomad 默认配置部署 XMRig 挖矿软件、通过 Consul 未授权 API 执行恶意脚本、控制暴露的 Docker API 创建挖矿容器。", "content_prefix": "黑客利用公共DevOps工具进行加密货币挖矿攻击", "link_name": "原文链接", "link": "https://www.theregister.com/2025/06/03/illicit_miners_hashicorp_tools/?td=rt-3a", "grade": 4, "sort": "", "category": 0, "highlight_color": "", "images": [], "created_at": 1749052725, "created_at_zh": "2025-06-04", "attribute": "", "up_counts": 338, "down_counts": 261, "zan_status": "", "readings": [], "extra_type": 0, "extra": null, "prev": null, "next": null, "word_blocks": [], "is_show_comment": 1, "is_forbid_comment": 0, "comment_count": 0, "analyst_user": null, "show_source_name": "", "vote_id": 0, "vote": null, "date": "2025-06-04"}... |