Attackers are targeting a critical vulnerability in Apache ActiveMQ to drop ransomware. The HelloKitty ransomware group has been exploiting the flaw, which was disclosed by The Apache Software Foundation. Another group, known as Kinsing, has been exploiting a new Linux flaw called Looney Tunables to breach cloud environments. Security firms Rapid7 and AquaSecTeam have confirmed the exploits by HelloKitty and Kinsing, respectively. Additionally, a critical bug in Atlassian products has been exploited, and a security advisory has been released regarding the Apache ActiveMQ vulnerability.
Kinsing threat actors probed the Looney Tunables flaws in recent attacks: https://t.co/Vsp1snwbjV by Security Affairs #infosec #cybersecurity #technology #news
🚨@KudelskiSec's Threat Detection & Research Team released their latest security advisory CVE-2023-33308 regarding a recently disclosed Apache ActiveMQ Remote Code Execution (RCE) vulnerability. Details and updates can be found here: https://t.co/23FEKUFoHj https://t.co/XP1aqymAGe
Critical Atlassian Bug Exploit Now Available; Immediate Patching Needed: https://t.co/r03T8EHwnE by Dark Reading #infosec #cybersecurity #technology #news
.@AquaSecTeam researchers said they are “100% certain” that threat actor Kinsing was behind an exploit attack on the so-called "Looney Tunables" Linux privileged escalation vulnerability (CVE-2023-4911). #cybersecurity #infosec #ITsecurity https://t.co/ZYmu31OjJ3
.@rapid7 said it detected the HelloKitty #ransomware group exploiting an RCE in ActiveMQ two days after @TheASF disclosed the bug. #cybersecurity #infosec https://t.co/HiQ4JQxfOA
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments: https://t.co/RWeyS9D4N2 by The Hacker News #infosec #cybersecurity #technology #news
🚨Kinsing hackers exploit the new #Linux flaw, Looney Tunables (CVE-2023-4911), to breach cloud environments for root access. Read more ➡️https://t.co/jeeqmRwBRw #cybersecurity #hacking
HelloKitty ransomware deployed via critical Apache ActiveMQ flaw https://t.co/0Aqqstp0Do
Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware: https://t.co/LYjXbBh60I by Dark Reading #infosec #cybersecurity #technology #news