Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

6 days ago [email protected] (The Hacker News)
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign


An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet.
“A purpose-built Python scanner continuously sweeps major cloud IP ranges for vulnerable targets, automatically installing malicious nodes via ComfyUI-Manager if no exploitable node is already

The post “Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , ,

More Stories

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

1 day ago [email protected] (The Hacker News)

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

3 days ago [email protected] (The Hacker News)

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

4 days ago [email protected] (The Hacker News)

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

4 days ago [email protected] (The Hacker News)

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

4 days ago [email protected] (The Hacker News)

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

5 days ago [email protected] (The Hacker News)