TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Published: 3 days ago (February 9, 2026 at 03:37 AM EST)

1 min read

Source: The Hacker News

Overview

Cybersecurity researchers have called attention to a massive campaign that has systematically targeted cloud‑native environments to set up malicious infrastructure for follow‑on exploitation.

The activity, observed around December 25 2025, and described as “worm‑driven,” leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed.

Back to Blog

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google on Thursday said it observed the North Korea‑linked threat actor known as UNC2970 using its generative artificial intelligence AI model Gemini to conduct...

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

!https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg48-Bb1617Je211tmVOc4BKdYLJjIst0IBibAqJyCaHUi1ZpHQd0EW_idmBrAbIlMm8fDx9yciZ0HiC4WdvabpudTHGJsa_5sOEf...

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple on Wednesday releasedhttps://support.apple.com/en-us/100100 iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero‑day flaw that...

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Indian defense sector and government‑aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environmen...

Overview

Related posts

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities