"DreamBus Malware Exploits RocketMQ Flaw to Infect Servers"

A new version of the DreamBus botnet malware infects devices by exploiting a critical Remote Code Execution (RCE) flaw in RocketMQ servers. The exploited vulnerability, tracked as CVE-2023-33246, is a permission verification flaw that affects RocketMQ versions 5.1.0 and earlier and allows remote command execution under certain conditions. Recent DreamBus attacks exploiting this vulnerability were discovered by researchers at Juniper Threat Labs, who reported an uptick in activity in the middle of June 2023. This article continues to discuss findings regarding the new version of the DreamBus botnet malware.

Bleeping Computer reports "DreamBus Malware Exploits RocketMQ Flaw to Infect Servers"