Tracked as CVE-2025-34352 with CVSS 8.5
Software Vulnerabilities
+1
Attackers used compromised credentials for initial access
Ransomware
Extensions
About 20% of users may be affected
Company Website
The incident involved a compromised third-party API
Data Breach
AI is being used for propaganda, recruitment, and translation
AI Vulnerability
Victims can decrypt files without paying a ransom
Atlassian patched ~30 third-party vulnerabilities in December 2025
At least 38 agencies across 18 states were affected
Government Websites
