US Cybercom has sent out a public notice warning IT teams that CVE-2021-26084 — related to Atlassian Confluence — is actively being exploited.
“Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already — this cannot wait until after the weekend,” US Cybercom sent out in a tweet on Friday ahead of the Labor Day weekend holiday.
A number of IT leaders took to social media to confirm that it was indeed being exploited.