Bishop Fox covers server-side request forgery (SSRF) and insufficient authorization controls vulnerabilities in Atlassian Jira Align, Version 10.107.4.

Cyble analyzes CVE-2022-36804 affecting Atlassian Bitbucket and how Threat Actors may exploit this in the near future.

Over the Memorial Day weekend in the United States, Volexity conducted an incident response investigation involving two Internet-facing web servers belonging to one of its customers that were running Atlassian Confluence Server software. The investigation began after suspicious activity was detected on the hosts, which included JSP webshells being written to disk

Over the Memorial Day weekend in the United States, Volexity conducted an incident response investigation involving two Internet-facing web servers belonging to one of its customers that were running Atlassian Confluence Server software. The investigation began after suspicious activity was detected on the hosts, which included JSP webshells being written to disk