Atlassian is being actively exploited to compromise corporate networks

Two widely-used Atlassian Bitbucket tools – Server and Data Center, carry a high severity flaw that allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code, experts have warned. 

The flaw is being actively used in the wild, the US Cybersecurity and Infrastructure Agency (CISA) has noted, urging companies that use the tools to patch (opens in new tab) their endpoints (opens in new tab) immediately. Internet traffic analysts GreyNoise confirmed CISA’s findings, saying it had found evidence of the flaw being exploited.


Leave a Comment