Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts.
"The attacker used a modified version of XMRig with a hard-"coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders," Wiz researchers Yaara Shriki and Gili



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/07/alert-exposed-jdwp-interfaces-lead-to.html