AttackFeed by Joe Wagner | Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign  - The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign  – The Hacker News

Posted on By [email protected] (The Hacker News)
Attack Feeds

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet.
“A purpose-built Python scanner continuously sweeps major cloud IP ranges for vulnerable targets, automatically installing malicious nodes via ComfyUI-Manager if no exploitable node is already  –

Read More  – The Hacker News 

You may also like

Attack Feeds
Smashing Security podcast #459: This clever scam nearly hijacked a tech CEO’s Apple ID  – GRAHAM CLULEY
March 18, 2026
AttackFeed by Joe Wagner | Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case  - The Hacker News
Attack Feeds
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case  – The Hacker News
April 23, 2026
AttackFeed by Joe Wagner | RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers  - Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers  – Hackread – Cybersecurity News, Data Breaches, AI and More
May 23, 2026
Attack Feeds
One in eight UK workers has sold their company passwords, and bosses think it’s fine  – GRAHAM CLULEY
May 8, 2026