Threat actors are scouring the internet for unprotected instances of Apache NiFi, to steal server credentials and install cryptominers, warns the SANS Institute. “An attacker for such a misconfigured system can access all the data processed by NiFi and read/modify/delete the NiFi configuration,” Johannes Ullrich, the cyber training organization’s director of research, said today in