Earlier this week the Jenkins infrastructure team identified a successful attack against our deprecated Confluence service. We responded immediately by taking the affected server offline while we investigated the potential impact. At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected. Thus far in our investigation, we have learned that the Confluence CVE-2021-26084 exploit was used to install what we believe was a Monero miner in the container running the service. From there an attacker would not be able to access much of our other infrastructure. Confluence did integrate with our integrated identity system which...
...moreSummary
Total Articles Found: 2
Top sources:
Top Keywords:
- infrastructure: 1
- security: 1
- gsoc2024: 1
- community: 1
- events: 1
Top Authors
- alyssat: 1
Top Articles:
- Jenkins project Confluence instance attacked
- Congrats and Welcome to Jenkins in Google Summer of Code 2024 Contributors
Jenkins project Confluence instance attacked
🤖: "Hacked wiki"
Congrats and Welcome to Jenkins in Google Summer of Code 2024 Contributors
This year, we received numerous outstanding Google Summer of Code (GSoC) proposals for Jenkins with just as many compelling ideas.Many thanks to all who submitted their proposal(s) previously.Due to a very limited number of mentors available, we could only accept a small number of submissions.Congratulations go out to Danyang Zhao, Sridhar S, Shlomo Dahan, Nour Almulhem, and Phillipp Glanz for having been selected for Jenkins in GSoC 2024.It is now time to roll up our sleeves and get to the heart of why we’re doing this: to help make Jenkins a better project for all users.In the next few weeks,...
...more