• luciddaemon@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    39
    ·
    1 month ago

    Seeing the diagram, it only attacks servers with misconfigured rocketMQ or CVE-2023-33426, which is already patched. Am I understanding this correctly?

    • cron
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 month ago

      It probably has a large database of exploits it can use. The article claims 20k, but this seems to high for me.