Chinese Hackers Exploiting Critical Confluence Vulnerability, Microsoft and Atlassian Warn

Microsoft says Chinese state-backed hackers are exploiting a critical zero-day vulnerability in Atlassian Confluence software.

The vulnerability (CVE-2023-22515) was disclosed on October 4, but Microsoft saw exploitation by Storm-0062 since September 14.

The flaw allows remote attackers to create unauthorized admin accounts and access Confluence servers.

Atlassian has confirmed a nation-state actor is exploiting the vulnerability and released a patch.

Microsoft and Atlassian are investigating the scale of customer exploitation, but Atlassian has received reports from a handful of impacted customers so far.