Security researchers have identified PCPJack, a credential theft framework that targets exposed cloud infrastructure and removes competing malware. The toolset harvests credentials from cloud services, containerized environments, developer platforms, productivity tools, and financial services before exfiltrating the data through attacker-controlled systems.