Researchers discover financially motivated operation targeting vulnerable GitLab servers, exploiting critical flaw CVE-2021-22205 to gain remote code execution, utilizing undetected tools, cross-platform malware, and kernel-based rootkits to hide their presence, and abusing a legitimate service called TryCloudflare to obfuscate their command-and-control network.
View full story…
