Canada Revenue Agency confirmed it shut down its website for filing federal taxes due to a cyber attack leveraging the CVE-2017-5638 flaw in Apache Struts 2. The issue was first spotted by the Chinese developer Nike Zheng, the issue was documented at Rapid7s Metasploit Framework GitHub site and attackers in the wild are exploiting a publicly available PoC code that triggers the vulnerability. No personal information was compromised due to the cyber attack on the Canada Revenue agency’s online tax services.”]
Source: https://securityaffairs.co/wordpress/57130/hacking/cra-apache-struts-hack.html