"Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks"

Researchers have found that attackers can perform cryptocurrency mining using improperly configured Jenkins Script Console instances. Trend Micro warned that improperly set up authentication mechanisms expose the '/script' endpoint to attackers, making Remote Code Execution (RCE) possible. Jenkins is a widely used Continuous Integration and Continuous Delivery (CI/CD) platform with a Groovy script console that enables users to run arbitrary Groovy scripts in the Jenkins controller runtime. This article continues to discuss the possible exploitation of improperly configured Jenkins Script Console instances for criminal activities.

THN reports "Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks"

Submitted by grigby1