Researchers urged impacted organizations to “take steps immediately to mitigate the vulnerability" in Atlassian's Confluence Server and Data Center.
After an external party publicly disclosed the hardcoded password on Twitter, Atlassian said the issue is "likely to be exploited in the wild."
The majority of exploitation attempts against the recent Atlassian Confluence bug (CVE-2022-36134) are coming from Russia.
Exploitation of a critical, recently patched Atlassian Confluence bug continues to ramp up.
A newly disclosed zero day in some versions of Atlassian Confluence and Data Center is under attack and being used to install webshells on target servers.