Proof of concept (PoC) exploit code for a critical vulnerability in Atlassian’s Confluence Data Center and Server technology has become publicly available. ShadowServer reported 36 unique IP addresses attempting to exploit the vulnerability over 24 hours. The bug allows attackers to access privileged functionality and data, and can delete or block data on a Confluence instance. Despite the vulnerability becoming public, there are reportedly no active exploits yet. Atlassian recommends immediate actions for protection and patching of the system.
U.S. Authorities Eradicate PlugX Malware Nationwide
The Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) have announced the removal of the malware PlugX from over 4,200 computers in
