Minecraft servers are being compromised with attacks leveraging the BleedingPipe remote code execution flaw in various Minecraft mods, which seek to facilitate total device takeovers, BleepingComputer reports. While initial in-the-wild exploitation of the BleedingPipe vulnerability was immediately addressed in March 2022, threat actors were noted in a Forge forum post to have commenced large-scale abuse of the zero-day RCE earlier last month in an effort to exfiltrate Discord and Steam session cookies, according to a report from the Minecraft security community, or MMPA.
Source: SC Magazine