Bleeping Computer

State hackers use new PowerShell backdoor in Log4j attacks

Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') has been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. The ...
InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...
Infosecurity Magazine

Log4Shell Downloaded 40 Million Times in 2025

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...
Wired

The Next Wave of Log4J Attacks Will Be Brutal

A week ago, the internet experienced a seismic event. Thanks to a vulnerability in Log4j, a popular open source library, multitudes of servers around the world were suddenly exposed to relatively ...
ZDNet

Cybersecurity experts debate concern over potential Log4j worm

Tom Kellermann, VMware's head of cybersecurity strategy, said the Log4j vulnerability is one of the worst vulnerabilities he has seen in his career -- and one of the ...