Attackers exploit exposed Nomad, Docker, and Gitea instances to deploy XMRig miners within minutes, draining cloud resources and evading detection. Credit: wee dezign / Shutterstock A massive ongoing cryptojacking operation is actively exploiting misconfigured DevOps tools, including Nomad, Consul, Docker, and Gitea, to hijack computing power for cryptocurrency mining, Wiz Threat Research revealed. Dubbed Jinx-0132 by researchers, the campaign has compromised systems globally with attackers deploying XMRig-based miners within minutes of breaching exposed APIs and weak configurations. Development ToolsVulnerabilitiesEngineer