CSOonline

Patched Apache ActiveMQ bug abused to drop Godzilla web shells

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...
Threat Post

Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors

With the malicious code embedded into websites, the attacker can then piggyback on the trust level of the website and launch a variety of attacks. Researchers have found a cross-site scripting (XSS) ...
Dark Reading

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

More than 3,000 Internet-accessible Apache ActiveMQ Servers are exposed to a critical remote code execution vulnerability that an attacker has begun actively targeting to drop ransomware. The Apache ...
Dark Reading

Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto

The attackers behind the Kinsing malware are the latest to exploit the Apache ActiveMQ critical remote code execution (RCE) vulnerability, targeting the flaw to infect vulnerable Linux systems with a ...
Bleeping Computer

Latest Apache ActiveMQ news

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. Internet-exposed Apache ...
CSOonline

HelloKitty ransomware deployed via critical Apache ActiveMQ flaw

Attackers have begun exploiting a critical remote code execution vulnerability patched last week in Apache ActiveMQ to deploy ransomware in enterprise networks. Users are urged to upgrade the software ...
Bleeping Computer

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

The HelloKitty ransomware operation is exploiting a recently disclosed Apache ActiveMQ remote code execution (RCE) flaw to breach networks and encrypt devices. The flaw, tracked CVE-2023-46604, is a ...