Security researchers have discovered a new financially motivated cyber-threat campaign designed to make money from cryptomining and proxyjacking while staying hidden using a variety of techniques. The Labrat campaign was discovered by a team at Sysdig, who observed the threat actors compromise a targeted container via legacy GitLab remote code execution vulnerability CVE-2021-22205.
Source: Infosecurity