#messagebroker

Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass

by

November 16, 2023 at 05:50PM A new proof-of-concept (PoC) exploit for a critical security vulnerability in Apache ActiveMQ allows threat actors to achieve remote code execution (RCE) on vulnerable servers. Despite a patch being available, numerous organizations remain exposed, with the HelloKitty ransomware gang taking advantage. Researchers at VulnCheck have developed a more sophisticated exploit … Read more

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

by

November 1, 2023 at 02:11PM Over 3,000 internet-exposed Apache ActiveMQ servers are vulnerable to a critical newly disclosed remote code execution (RCE) vulnerability, known as CVE-2023-46604. Exploiting this flaw allows attackers to execute arbitrary shell commands. The vulnerability affects various versions of ActiveMQ, but patches have been released to address the issue. Researchers have found … Read more