Atlassian has alerted users to a critical security flaw, CVE-2023-22518, affecting Confluence Data Center and Server.

Cybercriminals are exploiting the vulnerability to install Cerber ransomware, create unauthorized admin accounts, and run malicious commands via web shells.

The Cerber ransomware encrypts files accessible to the 'confluence' user and can introduce additional malicious payloads from a command and control (C2) server.

An advanced version of the ransomware has been identified, capable of network propagation and disabling Microsoft Defender Antivirus.

The situation highlights the urgency of fixing security vulnerabilities and the necessity for strong security practices and a culture of cybersecurity awareness.