Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

The attackers use evasion techniques such as using memory-backed temporary file stores and Base64-encoded scripts to make forensics harder and eliminate competing miner processes on infected machines.