Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware

Sergiu Gatlan reports:

Ransomware gangs are now targeting a recently patched and actively exploited remote code execution (RCE) vulnerability affecting Atlassian Confluence Server and Data Center instances for initial access to corporate networks.

If successfully exploited, this OGNL injection vulnerability (CVE-2022-26134) enables unauthenticated attackers to take over unpatched servers remotely by creating new admin accounts and executing arbitrary code.

Read more at BleepingComputer.

About the author: Dissent

Comments are closed.