Threat Post

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” An excruciating, easily exploited ...
CSOonline

Access broker found exploiting Log4j vulnerability in VMware

A gang of cybercriminals known for breaking into computer systems and selling access to them has been discovered exploiting an Apache Log4j vulnerability, Log4Shell, in unpatched VMware Horizon to ...