Executive Summary A critical remote code execution (RCE) vulnerability in Apache ActiveMQ is being actively exploited to deliver DripDropper, a sophisticated malware designed for persistent access and stealthy operations on cloud systems. The vulnerability, identified as CVE-2023-46604, allows unauthenticated attackers to execute arbitrary shell commands. In a notable tactic, the attackers patch the vulnerability after exploitation to […]
The post Exploitation in Progress: Apache ActiveMQ Vulnerability Used to Deliver DripDropper Malware appeared first on SecPod Blog.