> TritonInfoSec News
Home / May 08, 2026 / Story
0
#5 The Hacker News general May 07, 2026 at 17:45 UTC

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

By [email protected] (The Hacker News)

AI Summary

A new credential-theft framework called PCPJack exploits five CVEs to spread worm-like across exposed cloud infrastructure, harvesting credentials from AWS, Docker, Kubernetes, and other developer and financial services before exfiltrating data through attacker-controlled infrastructure. The toolset actively evicts competing TeamPCP malware from compromised systems and uses parquet files for stealthy target discovery. The supply chain–targeting behavior and multi-cloud credential harvesting make this a significant threat to DevOps and cloud-native environments.

Read full article → https://thehackernews.com/2026/05/pcpjack-credenti…

Relevance score: 85.0/100

# More from May 08

  1. 1
    PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage The Hacker News
  2. 2
    Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access The Hacker News
  3. 3
    Canvas Breach Disrupts Schools & Colleges Nationwide Krebs on Security
  4. 4
    Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions The Hacker News
  5. 6
    Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants SecurityWeek
  6. 7
    Iranian government hackers using Chaos ransomware as cover, researchers say The Record
  7. 8
    Critical vm2 sandbox bug lets attackers execute code on hosts BleepingComputer
  8. 9
    DAEMON Tools devs confirm breach, release malware-free version BleepingComputer
  9. 10
    New TCLBanker malware self-spreads over WhatsApp and Outlook BleepingComputer