TI Mindmap HUB
Threat Intelligence Report

Apache ActiveMQ Exploit Leads to LockBit Ransomware

๐Ÿ“… February 23, 2026 ๐Ÿ“ฐ thedfirreport.com ๐Ÿ” 1 CVE(s) referenced

A threat actor exploited an unpatched Apache ActiveMQ vulnerability twice, using Metasploit to escalate privileges and steal credentials, ultimately deploying LockBit ransomware across the network via RDP with a modified ransom note built from leaked LockBit tools.

researcher
CVE-2023-46604

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle