A threat offer to sell a zero-day exploit for Atlassian’s Jira in a underground forum. This exploit can be used on the latest version of Jira desktop app and Jira integrated with Confluence. According to the offer, It does not require any login credentials and can also work with Okta Single Sign-On (SSO), making it more impactful.
Apple has issued an urgent security advisory about 3 critical zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—that are being actively exploited in...
Canon has announced a critical security vulnerability, CVE-2025-1268, in printer drivers for its production printers, multifunction printers, and laser printers....
Cybersecurity researcher Jeremiah Fowler recently revealed a sensitive data exposure involving the Australian fintech company Vroom by YouX, previously known...
Exploit Type: Zero-day Remote Code Execution (RCE)
Target: Atlassian Jira (latest desktop version and integrated with Confluence)
Login Requirement: None
SSO Compatibility: Okta SSO
Price: 800,000 XMR (Monero)
Source: DailyDarkweb
If the claim to be true, this exploit is a major security threat due to the widespread use of Jira and Confluence in corporate environments for project management and collaboration.
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)