Threat Group – ShadowV2 operators (cybercrime-as-a-service actors)
Threat Type – DDoS-as-a-Service and botnet
Exploited Vulnerabilities – Publicly exposed or unauthenticated Docker daemon APIs on cloud hosts, weak network segmentation, deficient egress controls, inadequate governance of infrastructure-as-code
Malware Used – Python-based spreader and control scripts, Go