Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
21 January 2024
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts.
"The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners," Trustwave said. "Notably, despite the binary's unknown file