This article has been indexed from CSO Online
Hackers have started exploiting a critical remote code execution vulnerability that was patched recently in Atlassian Confluence Server and Data Center. Some of the attacks deploy cryptocurrency mining malware, but Atlassian products have also been targeted in the past by cyberespionage groups.
“Bad Packets honeypots have detected mass scanning and exploit activity targeting the Atlassian Confluence RCE vulnerability CVE-2021-26084 from hosts in Russia, Hong Kong, Brazil, Nepal, Poland, Romania, Estonia, United States, and Italy,” threat intelligence firm Bad Packets told CSO. “Multiple proofs-of-concept have been published publicly demonstrating how to exploit this vulnerability.”
Read the original article: Critical flaw in Atlassian Confluence actively exploited