China-based 8220 Gang Evolves its Tactics to Target Cloud Environments
The Chinese 8220 Gang has been found enhancing its attack techniques, including using malicious Docker images and exploiting Struts2, Redis, and WebLogic servers, to launch cryptomining attacks. Some of these attacks leveraged vulnerable Oracle WebLogic servers, while another campaign attacked a vulnerable Apache web server. Companies can leverage threat intelligence platforms to track IOCs and understand the patterns of such attacks.