Separate remote code execution vulnerability in unupdated versions of RocketMQ, a Chinese-developed messaging/streaming server, in the case of the infection described in the article. It’s possible that there are a few other RCE vulns it can make use of, but 20000 of them seems unlikely.
Yeah, the takeaway from this is, “We need some public service announcements about bats,” and “The healthcare protocol needs to be updated so that a shot is given if a bat is found in a room where someone was asleep or otherwise may have been bitten without being conscious of it,” not “These are bad parents.”