The Jenkins Project disclosed a security breach after threat actors compromised one of its internal servers and installed a cryptocurrency miner. Jenkins is a powerful open source automation tool maintained by the Jenkins community.
The attackers breached a deprecated Confluence service used by the organization by exploiting the Confluence CVE-2021-26084 vulnerability. In response, the Jenkins team took the affected server offline and launched an investigation into the incident.
The maintainers of the project have no indication that Jenkins releases, plugins, or source code have been affected.
Threat actors started exploiting the CVE-2021-26084 vulnerability in Atlassian’s Confluence enterprise collaboration product a few days after it was patched by the vendor. Threat actors have only been observed exploiting the issue to deliver cryptocurrency miners, but attackers could start exploiting it to deliver other malware, including ransomware.
Last week, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product.