CSOonline

Patched Apache ActiveMQ bug abused to drop Godzilla web shells

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...
Threat Post

Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors

With the malicious code embedded into websites, the attacker can then piggyback on the trust level of the website and launch a variety of attacks. Researchers have found a cross-site scripting (XSS) ...
Bleeping Computer

TellYouThePass ransomware joins Apache ActiveMQ RCE attacks

Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day. The ...
Bleeping Computer

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability. Apache ActiveMQ is a scalable open-source ...
Dark Reading

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

More than 3,000 Internet-accessible Apache ActiveMQ Servers are exposed to a critical remote code execution vulnerability that an attacker has begun actively targeting to drop ransomware. The Apache ...
CSOonline

HelloKitty ransomware deployed via critical Apache ActiveMQ flaw

Attackers have begun exploiting a critical remote code execution vulnerability patched last week in Apache ActiveMQ to deploy ransomware in enterprise networks. Users are urged to upgrade the software ...
Dark Reading

Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass

A fresh proof-of-concept (PoC) exploit for a critical security vulnerability in Apache ActiveMQ is making it easier than ever to achieve remote code execution (RCE) on servers running the open source ...