Ransomware Hackers Exploit Critical Atlassian Confluence Vulnerability
Multiple ransomware groups are actively exploiting recently disclosed vulnerabilities in Atlassian Confluence and Apache ActiveMQ. The flaws allow threat actors to create unauthorized accounts and lead to a loss of confidentiality, integrity, and availability. Atlassian has updated its advisory, noting active exploits and increasing the severity of the flaw. The attacks involve mass exploitation of vulnerable Atlassian Confluence servers, originating from IP addresses in France, Hong Kong, and Russia. Additionally, a severe remote code execution flaw in Apache ActiveMQ is being weaponized to deliver a remote access trojan and a ransomware variant. Cybersecurity firms emphasize the need for rapid remediation of these vulnerabilities.
- Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws The Hacker News
- Atlassian Bug Escalated to 10, All Unpatched Instances Vulnerable DARKReading
- Actively exploited Atlassian Confluence bug elevated to maximum severity rating SC Media
- Critical vulnerability in Atlassian Confluence server is under “mass exploitation” Ars Technica
- Atlassian confirms ransomware is exploiting latest Confluence bug The Record from Recorded Future News
Reading Insights
0
0
1 min
vs 2 min read
73%
383 → 103 words
Want the full story? Read the original article
Read on The Hacker News