Apache ActiveMQ Exploit Leads to LockBit Ransomware Key Takeaways - A threat actor exploited CVE-2023-46604 on an internet-facing Apache ActiveMQ server. Despite being evicted after the initial intrusion, they successfully breached the same server on a second occasion 18 days later. - After compromising the server, the threat actor used Metasploit, possibly along with Meterpreter, to perform post-...