The recently disclosed Apache ActiveMQ remote code execution (RCE) flaw, CVE-2023-46604 is being exploited to spread ransomware binaries on target systems and demand a ransom from the victim organizations.
Based on the evidence and the ransom note, Rapid7 experts have linked the activity to the HelloKitty ransomware family, whose source code was made public on a forum in early October.
https://cybersecuritynews.com/hellokitt ... -activemq/