The attacks are enabled by a (fixed) vulnerability in ForgeRock’s Access Management, a popular platform that front-ends web apps and remote-access setups. Attackers are actively exploiting a critical, ...