{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/actors/lockbit/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["LockBit","BITWISE SPIDER","HelloKitty"],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["activemq","rce","cve-2023-46604","ransomware"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2023-46604 is a critical remote code execution (RCE) vulnerability affecting Apache ActiveMQ message brokers. This vulnerability allows a remote attacker with network access to the ActiveMQ broker to execute arbitrary shell commands by manipulating serialized class types within the OpenWire protocol. The vulnerability affects Apache ActiveMQ versions 5.16.0 before 5.16.7, 5.17.0 before 5.17.6, 5.18.0 before 5.18.3, and before 5.15.16, as well as corresponding versions of the Legacy OpenWire…\u003c/p\u003e\n","date_modified":"2026-02-25T09:22:01Z","date_published":"2026-02-25T09:22:01Z","id":"/briefs/2026-02-activemq-rce/","summary":"CVE-2023-46604 is a remote code execution vulnerability affecting Apache ActiveMQ that is actively exploited in the wild by ransomware operators, allowing remote attackers to execute arbitrary shell commands.","title":"Active Exploitation of Apache ActiveMQ RCE Vulnerability (CVE-2023-46604)","url":"https://feed.craftedsignal.io/briefs/2026-02-activemq-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — LockBit","version":"https://jsonfeed.org/version/1.1"}