Multiple cybersecurity organisations have noticed exploitation attempts against a high-severity vulnerability in Atlassian Confluence Data Center and Confluence Server. The vulnerability was disclosed and patched in a security advisory on January 16th. It allows an unauthenticated attacker to execute remote code. Despite warnings to patch the flaw, over 11,000 vulnerable instances remained. Exploitation activity increased after proof-of-concept exploits were released, although so far no successful attempts have been reported. Atlassian has advised users to update and check their systems for signs of compromise.
Kaspersky reports 135% rise in crypto-drainer discussions
Research by Kaspersky saw a 135% rise in dark web discussions about crypto-drainers, malware used to steal digital currency, between 2022 and 2024. Cybercriminals are