Security News

Atlassian fixes Confluence zero-day widely exploited in attacks

2022-06-03 17:47

Atlassian has released security updates to address a critical zero-day vulnerability in Confluence Server and Data Center actively exploited in the wild to backdoor Internet-exposed servers. The zero-day affects all supported versions of Confluence Server and Data Center and allows unauthenticated attackers to gain remote code execution on unpatched servers.

#atlassian #attack #confluence #zeroday #CVE-2022-26134

Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134)

2022-06-03 10:13

A critical zero-day vulnerability in Atlassian Confluence Data Center and Server is under active exploitation, the software maker has warned on Thursday.There is currently no fix available - though they are expected to be released today - and users of the popular enterprise collaboration solution are advised to either temporarily restrict access to Confluence Server and Data Center instances from the internet, or to disable them completely.

#atlassian #confluence #zeroday #CVE-2022-26134

Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability

2022-06-03 02:27

Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild. "Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server," it said in an advisory.

#atlassian #confluence #critical #hacker #vulnerability #zeroday

Critical Atlassian Confluence zero-day actively used in attacks

2022-06-03 01:41

Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix available at this time. Today, Atlassian released a security advisory disclosing that CVE-2022-26134 is a critical unauthenticated, remote code execution vulnerability tracked in both Confluence Server and Data Center.

#atlassian #attack #confluence #critical #zeroday #CVE-2022-26134

Atlassian: Unpatched years-old flaw under attack right now to hijack Confluence

2022-06-03 00:28

Atlassian has warned users of its Confluence collaboration tool that they should either restrict internet access to the software, or disable it, in light of a critical-rated unauthenticated remote-code-execution flaw in the product that is actively under attack. The flaw is present in version 7.18 of Confluence Server, which is under attack, as well as potentially versions 7.4 and higher of Confluence Server and Confluence Data Center.

#atlassian #attack #confluence

US govt warns orgs to patch massively exploited Confluence bug

2021-09-03 15:23

US Cyber Command has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately.The USCYBERCOM unit also stressed the importance of patching vulnerable Confluence servers as soon as possible: "Please patch immediately if you haven't already- this cannot wait until after the weekend."

#atlassian #cybercom #confluence #patch #CVE-2021-26084

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}