Openfire messaging servers have a high-severity vulnerability that hackers are actively using to install cryptominers and encrypt servers with ransomware.

A popular Java-based open-source chat (XMPP) server called Openfire has been downloaded 9 million times and is frequently used for private, cross-platform chat communications.

The vulnerability, identified as CVE-2023-32315, affects Openfire’s administrative dashboard and results in an authentication bypass, enabling unauthenticated attackers to establish new admin accounts on vulnerable servers.

These accounts are used by the attackers to install malicious Java plugins (JAR files), which then carry out instructions received via GET and POST HTTP requests read more Hackers actively Exploiting Openfire Flaw to encrypt servers.

Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.

The post Hackers Actively Exploiting Openfire flaw to encrypt servers appeared first on Recon Bee.