Three-year-old Apache Flink flaw now under active attack

An improper access control bug in Apache Flink that was fixed in January 2021 has been added to the US government’s Known Exploited Vulnerabilities Catalog, meaning criminals are right now abusing the flaw in the wild to compromise targets.

You can read the full article here.