NadMesh botnet hunts exposed AI services for AWS keys and Kubernetes tokens
Malware Activity
Summary
Hide ▲
Show ▼
The NadMesh botnet is actively hunting exposed AI services and stealing AWS keys and Kubernetes tokens, creating immediate cloud-account takeover risk. Its controller claims 3,811 unique AWS keys, showing the operation has already produced substantial loot. The targeting set includes ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio, plus exposed MCP, Docker, Jenkins, and Redis services. The activity matters because a single exposed host can yield cloud credentials, registry logins, and cluster access that extend far beyond the box itself.
Related Happenings
NadMesh exposed AI services scanning campaign
Campaign
H score29
First: 17.07.2026 20:12
Last: 17.07.2026 20:12
Sources 1
How related:
The scanning feeds itself. Subnets that produce hits get resampled more densely every five minutes; IPs flagged dangerous in the last 24 hours come back every quarter hour as /32 rescans with the AI ports first; a full sweep drags everything marked dangerous in the last seven days back to the top.
About this happening:
The NadMesh campaign is repeatedly resampling exposed ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio systems, keeping pressure on internet-faci...
NadMesh exposed AI services scanning campaign
CampaignHow related: The scanning feeds itself. Subnets that produce hits get resampled more densely every five minutes; IPs flagged dangerous in the last 24 hours come back every quarter hour as /32 rescans with the AI ports first; a full sweep drags everything marked dangerous in the last seven days back to the top.
About this happening: The NadMesh campaign is repeatedly resampling exposed ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio systems, keeping pressure on internet-faci...
PCPJack TeamPCP-targeting cloud credential theft campaign
Campaign
H score37
First: 08.05.2026 12:00
Last: 08.05.2026 12:00
Sources 1
About this happening:
A new PCPJack campaign is targeting TeamPCP victims by worming across exposed cloud infrastructure, creating a fresh risk of credential theft and unauthorized reuse of...
PCPJack TeamPCP-targeting cloud credential theft campaign
CampaignAbout this happening: A new PCPJack campaign is targeting TeamPCP victims by worming across exposed cloud infrastructure, creating a fresh risk of credential theft and unauthorized reuse of...
PCPJack credential theft framework worms across exposed cloud infrastructure
Malware Activity
H score27
First: 08.05.2026 12:00
Last: 08.05.2026 12:00
Sources 1
About this happening:
The PCPJack malware activity is extending a credential-theft operation across exposed cloud infrastructure, stripping TeamPCP artifacts and stealing access from se...
PCPJack credential theft framework worms across exposed cloud infrastructure
Malware ActivityAbout this happening: The PCPJack malware activity is extending a credential-theft operation across exposed cloud infrastructure, stripping TeamPCP artifacts and stealing access from se...
Widespread exposure and misconfiguration in self-hosted AI infrastructure
Trend
H score76
First: 05.05.2026 13:30
Last: 05.05.2026 13:30
Sources 1
About this happening:
A large-scale measurement found self-hosted AI infrastructure was being deployed with widespread exposure and no authentication, creating a broad risk of data theft, workf...
Widespread exposure and misconfiguration in self-hosted AI infrastructure
TrendAbout this happening: A large-scale measurement found self-hosted AI infrastructure was being deployed with widespread exposure and no authentication, creating a broad risk of data theft, workf...
OpenClaw public-facing RCE exposure with public exploit code remote code execution flaw
Vulnerability
H score72
First: 09.02.2026 11:30
Last: 09.02.2026 11:30
Sources 1
About this happening:
OpenClaw deployments exposed to the public internet face RCE risk, with 12,812 instances reportedly exploitable and public exploit code available. SecurityScorecar...
OpenClaw public-facing RCE exposure with public exploit code remote code execution flaw
VulnerabilityAbout this happening: OpenClaw deployments exposed to the public internet face RCE risk, with 12,812 instances reportedly exploitable and public exploit code available. SecurityScorecar...
Timeline
-
17.07.2026 20:12 1 articles · 1h ago
NadMesh dashboard shows 3,811 unique AWS keys
Victim Impact UpdateA NadMesh operator dashboard displayed 3,811 unique AWS keys alongside inconsistent counters, and the figures on screen were captured on July 10.
Show sources
- New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens — thehackernews.com — 17.07.2026 20:12
-
17.07.2026 20:12 2 articles · 1h ago
QiAnXin's XLab names NadMesh and details its AI-service targeting
Initial DisclosureQiAnXin's XLab published a report naming NadMesh after the "n4d mesh controller" string in its source and describing a Go botnet that appeared in early July to target exposed AI services such as ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio for cloud credentials and Kubernetes tokens.
Show sources
- New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens — thehackernews.com — 17.07.2026 20:12
- New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens — thehackernews.com — 17.07.2026 20:12