Critical Atlassian Confluence bug exploited in Cerber ransomware attacks

November 6, 2023 at 12:40PM Attackers are exploiting a critical security flaw in Atlassian Confluence to encrypt files with Cerber ransomware. The flaw, tracked as CVE-2023-22518, received a severity rating of 9.1/10 and affects all versions of Confluence Data Center and Confluence Server software. Although there are currently no reports of active exploitation, Atlassian has … Read more

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

October 17, 2023 at 07:12AM The US cybersecurity agency CISA, together with the FBI and MS-ISAC, has issued a warning about a zero-day vulnerability in Atlassian Confluence Data Center and Server. Tracked as CVE-2023-22515, the flaw has been exploited by a nation-state threat actor since September 14. It allows unauthorized access, creation of administrative accounts, … Read more