Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched, critical-severity Atlassian Confluence authentication bypass flaw to encrypt victims’ files using Cerber ransomware. Described by Atlassian as an improper authorization vulnerability and tracked as CVE-2023-22518, this bug received a 9.1/10 severity rating, and it affects all versions of Confluence Data Center and Confluence Server software. According to data from threat monitoring service ShadowServer, there are currently more than 24,000 Confluence instances exposed online, although there’s no way to tell how many are vulnerable to CVE-2023-22518 attacks.