Attackers have begun exploiting a critical remote code execution vulnerability patched last week in Apache ActiveMQ to deploy ransomware in enterprise networks. Users are urged to upgrade the software as soon as possible. “Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer environments,” researchers from security firm Rapid7 said in a report. “In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations.”
