Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials

Hackers are targeting internet-exposed Jupyter Notebooks, a platform used for machine learning and scientific research. In a campaign called “Qubitstrike”, they are deploying malware to breach servers and mine cryptocurrency, as well as pilfering passwords. The malware is distributed through code-sharing platform codeberg.org — the first known abuse of the site. The attack begins with a manual scan of Jupyter Notebooks, followed by the download and execution of a script responsible for mining and credential theft.