"Massive Wave of Attacks Targets Critical Atlassian Confluence RCE Vulnerability"
A critical security flaw affecting Atlassian Confluence Data Center and Server has been actively exploited by malicious actors, with nearly 40,000 exploitation attempts recorded within three days of its public disclosure. Tracked as CVE-2023-22527, the vulnerability allows unauthenticated attackers to achieve remote code execution on susceptible installations. The exploitation attempts, originating from over 600 unique IP addresses, are currently limited to testing callback attempts and 'whoami' execution, indicating opportunistic scanning for vulnerable servers. Over 11,000 Atlassian instances have been found accessible over the internet, raising concerns about the extent of vulnerability.
