Microsoft researchers observed attackers exploiting the Log4Shell bug in the SolarWinds Serv-U software.
White House officials and leaders from Apple, Google, GitHub, and other companies met to discuss ways to improve the security of open source projects critical to national security.
Threat actors known as DEV-0401 based in China are exploiting the Log4Shell vulnerability to deploy the NightSky ransomware.
The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.
Researchers have found a Log4Shell-like flaw in the H2 database console, which allows remote code execution.