TeamPCP Leverages Cloud Vulnerabilities to Establish Criminal Operations
Cybersecurity experts have identified a significant campaign that has been strategically launched against cloud-native environments, aiming to establish malicious infrastructure for further exploitation. This activity, observed around December 25, 2025, has been characterized as “worm-driven.” Attackers exploited exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, while also leveraging…