Exploitation of CVE-2026-34197 (Remote Code Execution)
Jolokia API exploitation
Malicious XML configuration injection
SoxAgent RAT deployment
Exploitation of default credentials
Authentication bypass via CVE-2024-32114
Establishment of ORB networks (GOBLIN14)