From gbhackers.com
Using vulnerabilities in Web frameworks and WordPress, the Sysrv botnet now targets vulnerable Windows and Linux servers to deploy crypto-mining malware.
This new variant (tracked as Sysrv-K) discovered by Microsoft may now scan WordPress and Spring deployments for unpatched code.