The Kinsing cryptominer botnet is reportedly exploiting the Apache ActiveMQ vulnerability (CVE-2023-46604) to infect Linux systems - TrendMicro reports. This is the latest of a few exploitation streams observed in the wild. During the last two weeks, there have been reports of HelloKitty and TellYouThePass ransomware exploiting this very same vulnerability. It is critical for exposed organizations to patch their instances promptly.
- Clipeus