Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners
Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
The Atlassian Confluence Server’s CVE-2022-26134, an unauthenticated remote code execution (RCE) vulnerability that was recently patched, is being used by adversaries to deploy cryptocurrency mining malware.