Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
17 April 2024
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.
The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account.
Armed with this access, a