The Hacker News - Improperly secured Jenkins servers can be exploited by attackers to run cryptocurrency mining scripts on compromised machines
https://thehackernews.com/2024/07/hackers-exploiting-jenkins-script.html
Hackers can exploit weaknesses in Jenkins software to take control of computers and mine cryptocurrency for themselves.
This is because a feature in Jenkins allows users to run scripts with high privileges, and if not properly secured, attackers can use this to install malicious software that steals computing power for crypto mining.
To prevent this, users should ensure proper configuration and limit access to Jenkins servers.
Beware of this vulnerability!!
Upvoted! Thank you for supporting witness @jswit.