grep -rl "bingxie" ./posts

#bingxie

1 match

Ice Scorpion on Alibaba: A Chinese Operator's Singapore Staging Server, 164 Compromised Brazilian Government Machines, and a 933MB Fake GPU Driver

A Shodan hit on an Alibaba Cloud Singapore IP leads to a 9.1GB archive that turns out to be an attacker's working directory from inside a compromised Brazilian government server — containing a DirtyPipe exploit, fscan lateral movement results across the GDF internal network, 164 confirmed credential compromises, and 754MB of exfiltrated GitLab source code.

2026-07-02 · 13 min

← back to listing