Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

An unpatched Atlassian Confluence server served as the credential harvesting stage in the SCC-CAM-2026-0354 attack chain, with embedded plaintext credentials in Confluence pages enabling Kerberos relay against Active Directory. No specific Confluence CVE is attributed in this campaign; the risk is operational — unpatched Confluence paired with embedded secrets creates a reliable escalation path from any internal foothold to domain compromise.

Author

Tech Jacks Solutions