A critical Atlassian Confluence Server vulnerability is being remotely exploited by attackers to compromise Linux and Windows servers, allowing them to drop GandCrab ransomware and the Dofloo (aka AESDDoS, Mr. Black) Trojan. Trend Micro security researcher Augusto II Remillano says that Atlassian patched the software flaw on March 20 [1, 2, 3] and advised users to update their installations to a fixed version of Atlassian Confluence Server and Data Center. The vulnerability resides in the Widget Connector of affected versions.
Source: https://www.bleepingcomputer.com/news/security/vulnerable-confluence-servers-get-infected-with-ransomware-trojans/