Jenkins, an open-source automation server, recently disclosed that the Confluence service, which has been deprecated, was successfully exploited using the Confluence CVE-2021-26084 exploit, which USCybercom warned about last week in a notification.
Jenkins documentation officer Mark Waite said in a statement that the impacted server was taken offline and that the team is evaluating the problem’s impact.
They have no reason to believe any Jenkins releases, plugins, or source code has been impacted at this time. According to Waite, they have discovered that the Confluence CVE-2021-26084 exploit was exploited to install what they believe is a Monero miner in the container that runs the service.
To Read More: ZDNet
For more such updates follow us on Google News ITsecuritywire News.