Vulnerable Atlassian Confluence Data Center and Server instances have been targeted by Chinese state-backed threat operation Storm-0062, also known as DarkShadow and Oro0lxy, in ongoing attacks exploiting a zero-day flaw, tracked as CVE-2023-22515, since Sept. 14, or three weeks prior to the bug's disclosure, SecurityWeek reports.
Article Link: Atlassian Confluence zero-day attacks launched by Chinese APT group | SC Media