SeleniumGreed attacks
https://www.bleepingcomputer.com/news/security/misconfigured-selenium-grid-servers-abused-for-monero-mining/
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency.
Selenium Grid is open-source and enables developers to automate testing across multiple machines and browsers. It is used in cloud environments and it has more than 100 million pulls on Docker Hub.