More than 2,000 machines at schools and other organizations have been infected with a backdoor in unpatched versions of JBoss that could be used at any moment to install ransomware