all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Spring Cloud Function SpEL Injection (CVE-2022-22963) Exploited in the Wild

Add to bookmarks
March 31, 2022, 7:30 p.m. | Akamai Threat Research Team

Akamai Blog www.akamai.com

Although Spring Cloud Functions are not as widespread as the Log4j library, and should provide a good separation from the hosting server, some draw the line between the two, due to the ease of exploitation over HTTP/s. This new vulnerability will definitely result in many threat actors launching campaigns for crypto-mining, ddos, ransomware, and as a golden ticket to break into organizations for the next years to come.

cloud cloud function cve cve-2022-22963 injection spel spring spring cloud spring cloud function

Visit resource

More from www.akamai.com / Akamai Blog

Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself 2 days, 1 hour ago | www.akamai.com
campaigns phishing phishing campaigns targeting +4
How HTTP/2 Persistent Connections Help Improve Performance and User Experience 4 days, 2 hours ago | www.akamai.com
connections experience http performance +2
Keep Your Tech Flame Alive: Trailblazer Samantha Lee 5 days, 2 hours ago | www.akamai.com
lee tech
The 8 Most Common Causes of Data Breaches 1 week, 1 day ago | www.akamai.com
breaches data data breaches
Data Matters ? The Value of Visibility in API Security 1 week, 2 days ago | www.akamai.com
api api security data security +2
Empowering Change: Using Your Influence to Confront the Climate Crisis 1 week, 5 days ago | www.akamai.com
change climate climate crisis crisis +1
CreateRCE ? Yet Another Vulnerability in CreateUri 2 weeks, 1 day ago | www.akamai.com
vulnerability
API Cyberattacks: A Growing Threat for Organizations in Latin America 2 weeks, 1 day ago | www.akamai.com
america api cyberattacks effect +5
Akamai?s Perspective on April?s Patch Tuesday 2024 2 weeks, 1 day ago | www.akamai.com
akamai april patch patch tuesday +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs