CyberSecurity News
New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens
AI summary
A newly discovered Go botnet, known as NadMesh, has been targeting exposed AI services since early July. The botnet's operator claims to have collected 3,811 unique AWS keys. NadMesh uses a Shodan harvester to identify potential targets, focusing on services such as ComfyUI, Ollama, and Gradio, which are often quickly set up but may not be properly firewalled. These services include image generators, local model runners, and workflow builders. The botnet appears to be searching for cloud keys and Kubernetes tokens. The operator's dashboard provides a counter to track the number of collected keys.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

