VERY IMPORTANT

A recent intelligence report details scanning activity targeting the Confluence CVE-2022-26134 vulnerability. The report analyzes packets captured by a DShield sensor which show attempts to exploit the RCE flaw using the Nashorn Java engine. The scanning originates from various IPs and locations. Decoded requests attempt to download and execute a shell script from a remote server. The report provides IoCs including callback domains, IPs, and file hashes related to the exploitation attempts.