Atlassian has confirmed exploitation of an already addressed Confluence Data Center and Server flaw, tracked as CVE-2023-22518, to facilitate ransomware deployment after a Rapid7 report observed related infections with the Cerber ransomware, which is long believed to be defunct, reports The Record, a news site by cybersecurity firm Recorded Future.
Article Link: Ransomware exploitation of Atlassian Confluence flaw confirmed | SC Media