Microsoft has warned that a new variant of the Sysrv botnet is targeting a critical flaw in the Spring Framework to install cryptocurrency mining malware on Linux and Windows systems.
Microsoft researchers spotted a new variant of Sysrv, which it calls Sysrv-K, scanning the internet for WordPress plugins with older vulnerabilities as well as a recently disclosed remote code execution (RCE) flaw in the Spring Cloud Gateway software tagged as CVE-2022-22947.
The flaw affected VMware’s Spring Cloud Gateway and Oracle’s Communications Cloud Native Core Network Exposure Function and was given a critical rating by both firms.
