Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services by translating messages exchanged via different protocols (OpenWire, STOMP, MQTT, AMQP, etc.).

Source: Help Net Security