Credential-Stealing OSS ‘Crystalray’ Attacks Jump 10X

Crystalray’s attack chain involves using various OSS tools for reconnaissance, scanning, and exploiting vulnerabilities. The group was first discovered in February using the “SSH-Snake” tool to exploit vulnerabilities in Atlassian Confluence.