Volexity security researchers recently reported a zero-day vulnerability affecting Atlassian Confluence Server and Data Center which is currently being exploited in the wild. Volexity researchers issued the report after responding to incidents over the US Memorial Day weekend. Atlassian confirmed these reports and issued a security advisory announcing that the vulnerability is currently unpatched and affecting all currently supported versions of the Confluence Server and Confluence Data Center products. Atlassian has said that its cloud-based products are not known to be vulnerable at this time and is tentatively scheduling a patch release for end of day on June 3rd.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in