November 15, 2023 at 09:45AM A critical security flaw in Apache ActiveMQ, tracked as CVE-2023-46604, allows threat actors to execute arbitrary code in memory. The flaw has been exploited by ransomware groups, deploying ransomware like HelloKitty and a strain similar to TellYouThePass, as well as a remote access trojan called SparkRAT. The attacks rely on … Read more
November 2, 2023 at 01:20PM Ransomware criminals are exploiting a severe vulnerability in Apache ActiveMQ, allowing for remote code execution. The developers released fixes for the affected versions, but many services remain unpatched, with China having the highest number of vulnerable services. The attacks are attributed to the HelloKitty ransomware family, known for targeting smaller … Read more
November 2, 2023 at 05:30AM Researchers have identified a critical security flaw in the Apache ActiveMQ message broker service that could allow remote code execution. The flaw has been exploited to deploy HelloKitty ransomware on target systems. The vulnerability has a severity score of 10.0 and has been addressed in the latest ActiveMQ versions. Users … Read more