The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new critical-severity vulnerability to its KEV catalog. The issue is tracked as CVE-2023-33246 and it affects Apache’s RocketMQ distributed messaging and streaming platform. Exploiting the vulnerability is possible without authentication and has been leveraged actively by threat actors since at least June. Multiple threat actors […]
The post Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors appeared first on Heimdal Security Blog.