CanisterWorm is hitting Docker, Kubernetes, and Redis to spread and steal secrets

CanisterWorm is a self-propagating malware campaign tied to TeamPCP, a financially motivated threat group that has targeted exposed cloud services since late 2025. Security researchers say the worm looks for weak or exposed Docker APIs, Kubernetes clusters, Redis servers, and systems vulnerable to React2Shell, then uses that access to move deeper into cloud environments and […] The post CanisterWorm is hitting Docker, Kubernetes, and Redis to spread and steal secrets appeared first on VPN Central.