The attack begins with unauthorized access to exposed Jenkins instances, often enabled by weak credentials. Threat actors abuse the scriptText endpoint, which allows execution of Groovy scripts, to achieve remote code execution. The malicious script delivers platform-specific ...
The attack begins with unauthorized access to exposed Jenkins instances, often enabled by weak credentials. Threat actors abuse the scriptText endpoint, which allows execution of Groovy scripts, to achieve remote code execution. The malicious script delivers platform-specific ...
Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/ddos-botnet-leveraging-jenkins-misconfigurations-for-initial-access