Bleeping Computer

Over 3,000 Openfire servers vulnerable to takover attacks

Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. Openfire is ...
Dark Reading

Cyberattackers Swarm OpenFire Cloud Servers With Takeover Barrage

The Kinsing cybercrime group is back with a new attack vector: Pummeling a previously disclosed path traversal flaw in the Openfire enterprise messaging application to create unauthenticated admin ...