"Cloud Security Alert: Kinsing Actors Exploit Linux Flaw for Breaching Environments"

Threat actors associated with Kinsing are exploiting the recently disclosed Linux privilege escalation flaw, Looney Tunables, in a new experimental campaign aimed at breaching cloud environments. The attackers are also extracting credentials from the Cloud Service Provider (CSP), marking the first documented instance of active exploitation of Looney Tunables. Kinsing actors have a history of quickly adapting their attack chains to exploit newly disclosed security flaws, and in this case, they are using a critical remote code execution vulnerability in PHPUnit to gain initial access. The ultimate goal of the attack is to extract CSP credentials for future attacks, indicating a potential broadening and intensification of the Kinsing operation in cloud-native environments.