Researchers from Datadog Security Labs have detected a new campaign exploiting the Log4Shell vulnerability. The critical flaw was first detected in November 2021 and exploits surfaced less than two weeks later. Exploits for the vulnerability have become parts of hacking toolkits. While fixes have been available since December 2021, the issue is proving difficult to eliminate “because of software dependencies and so-called ‘transitive dependencies’ that make patching very difficult.” More https://securityonline.info/log4j-exploited-again-new-campaign-targets-vulnerable-systems-with-crypto-mining-and-backdoors/
