
Cybersecurity Researchers Report Massive Campaign Targeting Cloud Environments
CybersecurityCloudDockerKubernetesRayRedisVulnerabilitiesWormExploitation
Cybersecurity researchers have reported a "massive campaign" targeting native cloud environments to establish a malicious infrastructure for future exploitation. This activity, observed around December 25, 2025, is described as "driven by a worm" and has exploited exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, as well as recently disclosed vulnerabilities.