"Massive Wave of Attacks Targets Critical Atlassian Confluence RCE Vulnerability"
A critical security flaw affecting Atlassian Confluence Data Center and Server has been actively exploited by malicious actors, with nearly 40,000 exploitation attempts recorded within three days of its public disclosure. Tracked as CVE-2023-22527, the vulnerability allows unauthenticated attackers to achieve remote code execution on susceptible installations. The exploitation attempts, originating from over 600 unique IP addresses, are currently limited to testing callback attempts and 'whoami' execution, indicating opportunistic scanning for vulnerable servers. Over 11,000 Atlassian instances have been found accessible over the internet, raising concerns about the extent of vulnerability.
- ~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation The Hacker News
- Attacks begin on critical Atlassian Confluence vulnerability TechTarget
- Atlassian Confluence Server RCE attacks underway from 600+ IPs The Register
- Thousands of exploit attempts reported on critical Atlassian Confluence RCE SC Media
- Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure SecurityWeek
Reading Insights
0
1
1 min
vs 2 min read
66%
270 → 91 words
Want the full story? Read the original article
Read on The Hacker News