Atlassian News Articles

Recent news articles refferecing the vendors vulnerabilities.

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Atlassian Confluence vulnerability CVE-2023-22527 actively exploited for cryptocurrency mining. Urgent patching recommended to prevent attacks.

4 months ago

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Malware Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless...

4 months ago

Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

4 months ago

Atlassian Fixes Server and Data Center Flaws - Spiceworks

Atlassian has released security updates to patch critical vulnerabilities in its server and data center products. Find out more.

5 months ago

Atlassian Confluence Flaw Enables Remote Code Execution - Spiceworks

Explore the details of a critical vulnerability in Atlassian Confluence that enables remote code execution. Learn how users can protect their systems with prompt updates.

6 months ago

Vulnerability Recap 6/10/24: RCE Attacks in Major Platforms

Explore recent RCE attacks and other vulnerabilities on major platforms. Stay updated on the latest fixes.

6 months ago

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available

6 months ago

Details of Atlassian Confluence RCE Vulnerability Disclosed

SonicWall has shared technical details on a recently addressed high-severity remote code execution flaw in Confluence.

7 months ago

Atlassian Confluence High-Severity Bug Allows Code Execution

Because of the role the Confluence Server plays in managing documentation and knowledge data bases, the researchers recommend users upgrade to patch CVE-2024-21683 as soon as possible.

7 months ago

High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) - Help Net Security

PoC and technical details for a high-severity RCE flaw (CVE-2024-21683) in Atlassian Confluence Server and Data Center are public.

7 months ago

В популярной платформе Confluence нашли ещё одну критическую уязвимость. Она позволяет угнать сервер без аутентификации

Продукт Atlassian Confluence, BIZone WAF защищает от уязвимости CVE-2024-21683, В популярной платформе Confluence нашли ещё одну критическую уязвимость Она позволяет угнать сервер без аутентификации, 2023 Опасная уязвимости в Confluence эксплуатируется вымогателями ФСТЭК рекомендует защищаться, Че...

7 months ago

Vulnerable Atlassian Confluence instances exceed 200K

More than 200,000 Atlassian Confluence Data Center and Confluence Server instances could be compromised in intrusions targeting the high-severity remote code execution vulnerability, tracked as CVE-2024-21683, reports Cybernews.

7 months ago

Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code

The widely used team workspace corporate wiki Confluence has been discovered with a critical Remote code execution vulnerability

7 months ago

Atlassian Confluence Linux instances targeted with Cerber ransomware  

Attackers exploited a critical vulnerability to create a new administrator account.

8 months ago

Linux variant of Cerber ransomware targets Atlassian servers

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.

8 months ago

Blog | NSFOCUS

Read the NSFOCUS blog to learn about the latest news, events and more.

9 months ago

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax attack within the Apache Struts framework. However, a new critical flaw...

10 months ago

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax attack within the Apache Struts framework. However, a new critical flaw...

10 months ago

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax attack within the Apache Struts framework. However, a new critical flaw...

10 months ago

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax attack within the Apache Struts framework. However, a new critical flaw...

10 months ago

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax attack within the Apache Struts framework. However, a new critical flaw...

10 months ago

Hackers Target Atlassian Confluence With RCE Exploits

Shadowserver reported over 39,000 exploitation attempts from 600 unique IP addresses, mainly Russian

11 months ago

Attacks begin on critical Atlassian Confluence vulnerability | TechTarget

Four cybersecurity organizations reported exploitation attempts against a critical Atlassian Confluence vulnerability disclosed and patched on Jan. 16.

11 months ago

CVE-2023-22527: критическая уязвимость активно используется в атаках на тысячи серверов Atlassian

Незащищенные сервера стали популярной мишенью хакеров, желающих получить контроль над системой.

11 months ago

Atlassian Confluence Servers Attacked From 600+ IP Addresses

Atlassian disclosed a critical vulnerability last week which was related to Remote Code Execution (CVE-2023-22527).

11 months ago

~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation – All Hacker News

Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the so...

11 months ago

~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation

Hackers are actively exploiting a critical Atlassian Confluence flaw (CVE-2023-22527) within days of its reveal.

11 months ago

Thousands of exploit attempts reported on critical Atlassian Confluence RCE

Security researchers say they recorded several thousands exploit attempts on Atlassian Confluence RCE originating from more than 600 unique IP addresses.

11 months ago

Atlassian Confluence - Remote Code Execution (CVE-2023-22527)

CVE-2023-22527 is a critical vulnerability within Atlassian's Confluence Server and Data Center. This vulnerability has the potential to permit unauthenticated attackers to inject OGNL expressions into the Confluence instance, thereby enabling the execution of arbitrary code and system commands. T...

11 months ago

Hackers start exploiting critical Atlassian Confluence RCE flaw

Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers.

11 months ago

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed. 

11 months ago

Patch ASAP: Max-Critical Atlassian Bug Allows Unauthenticated RCE

Rated at a CVSS score of 10, the bug is as bad as it gets, allowing remote cyberattackers unfettered access to corporate environments.

11 months ago

Atlassian Confluence vulnerability enables remote code execution

The critical bug, given a maximum CVSS score of 10 by Atlassian, requires an urgent update to the fixed version to avoid exploitation.

11 months ago

Atlassian reveals critical Confluence RCE flaw, urges "immediate action" (CVE-2023-22527) - Help Net Security

Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to RCE.

11 months ago

Confluence Remote Code Execution Vulnerability (CVE-2023-22527) Alert

Overview On January 16, NSFOCUS CERT detected that Atlassian officially released a security announcement fixing the remote code execution vulnerability (CVE-2023-22522) in Confluence Data Center and Confluence Server. This vulnerability is caused by template injection. Unauthenticated attackers can ...

11 months ago

Atlassian warns of critical RCE flaw in older Confluence versions

Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution (RCE) vulnerability that impacts versions released before December 5, 2023, including out-of-support releases.

11 months ago

Atlassian fixes four critical RCE vulnerabilities, patch quickly! - Help Net Security

Atlassian has released security updates for 4 critical vulnerabilities in its various offerings that can lead to arbitrary code execution.

1 year ago

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Atlassian has released software fixes to address four critical flaws in its software that could lead to remote code execution.

1 year ago

C3RB3R Ransomware | Ongoing Exploitation of CVE-2023-22518 Targets Unpatched Confluence Servers 

Learn how threat actors are exploiting Confluence CVE-2023-22518 to deploy Cerber ransomware on Linux and Windows hosts.

1 year ago

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.

1 year ago

Atlassian Confluence data-wiping vulnerability exploited - Help Net Security

Threat actors are trying to exploit a critical Atlassian Confluence flaw (CVE-2023-22518) to reset vulnerable instances' database.

1 year ago

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

Ransomware groups are actively exploiting critical flaws in Atlassian Confluence & Apache ActiveMQ.

1 year ago

Actively exploited Atlassian Confluence bug elevated to maximum severity rating

Cerber ransomware attacks started over the weekend, just days after “critical information” about the now-patched Atlassian Confluence vulnerability was posted online.

1 year ago

Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss

Atlassian issues a critical warning about a severe flaw in Confluence Data Center and Server

1 year ago

Exploitation of Critical Confluence Vulnerability Begins

Threat actors have started exploiting a recent critical vulnerability in Confluence Data Center and Confluence Server.

1 year ago