Apache ActiveMQ Vulnerability Leads to Stealthy Godzilla Webshell
released on 2024-01-24 @ 05:08:28 PM
Over the past few weeks, there has been a notable increase in malicious activity targeting a recent critical vulnerability in Apache ActiveMQ. The vulnerability, designated CVE-2023-46604, is linked to unsafe deserialization within the OpenWire protocol. Exploiting it can allow threat actors to gain unauthorized access to a target system by executing arbitrary shell commands. Since a proof-of-concept (PoC) exploit was made publicly available in October 2023, threat actors have been using it to deploy crypto-miners, rootkits, ransomware, and remote access trojans.