Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts.

"The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners," Trustwave said. "Notably, despite the binary's unknown file

activemq actor apache apache activemq attacks binary compromised cybersecurity evade exploited exploiting flaw researchers scanners security shell shells signature the web threat threat actor threat actor activity trustwave warning web web shell web shells