For the past few months, a malware operation has been scanning the internet for Docker servers running API ports exposed on the internet without a password. Hackers are then breaking into unprotected hosts and installing a new crypto-mining malware strain named Kinsing.
https://www.zdnet.com/article/docker-servers-targeted-by-new-kinsing-malware-campaign/#ftag=RSSbaffb68
https://www.zdnet.com/article/docker-servers-targeted-by-new-kinsing-malware-campaign/#ftag=RSSbaffb68