Security · 1h ago
NadMesh Botnet Steals AWS Keys From Exposed AI Services
A new Go-based botnet called NadMesh is harvesting exposed AI services for cloud credentials. Its operator dashboard claims 3,811 unique AWS keys, targeting tools like ComfyUI, Ollama, and n8n. The botnet uses Shodan to continuously scan for vulnerable endpoints.
Meridian48 take
The botnet's focus on AI workflow tools highlights how fast deployment often bypasses security, making these services a prime target for credential theft.
Read the full reporting
New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens →
The Hacker News
botnetai-security