Because it was first recognized on June 2, the Atlassian Confluence distant code-execution (RCE) vulnerability tracked as CVE-2022-26134 has attracted the repeated consideration of menace actors. Now, after peaking at as much as 100,000 assault makes an attempt every day on targets, cyberattackers have settled at a gradual fee of 20,000 malware injection pictures per day, launched from round 6,000 IPs.
Researchers at Akamai noticed that assaults on the Atlassian Confluence bug are primarily centered within the commerce, excessive tech, and monetary providers sectors, and vary from probing to malware injection in hopes of putting in cryptominers and Internet shells.
“What is especially regarding is how a lot of a shift upward this assault kind has garnered over the past a number of weeks,” a Tuesday Akamai report on the Atlassian Confluence vulnerability mentioned. “As we’ve got seen with related vulnerabilities, this CVE-2022-26134 [bug] will seemingly proceed to be exploited for a minimum of the following couple of years.”
