Wired

A Year Later, That Brutal Log4J Vulnerability Is Still Lurking

A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off ...
ZDNet

Within hours of the Log4j flaw being revealed, these hackers were using it

A prolific and likely state-backed hacking group repeatedly targeted several US state governments by using software vulnerabilities in web applications and then later scanning for Log4j ...
ZDNet

Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft

Microsoft has confirmed that suspected China-based cyber criminals are targeting the Log4j 'Log4Shell' flaw in VMware's Horizon product to install NightSky, a new ransomware strain that emerged on ...
Computer Weekly

China’s APT41 exploited Log4j within hours

The Chinese advanced persistent threat (APT) actor tracked variously as APT41, Barium, Wicked Panda/Spider or Bronze Atlas was actively compromising victims via the Log4Shell vulnerability in Apache ...