Exposed PostgreSQL deployments are the focus of a persistent operation aimed at obtaining illicit entry and installing cryptocurrency mining software.
Cloud security company Wiz reported that this activity represents a variation of an intrusion framework that was initially highlighted by Aqua Security in August 2024, which utilized a malware variant known as PG_MEM. The operation has been linked to a malicious entity Wiz monitors as