U.S. Cybersecurity and Infrastructure Security Agency: Unpatched systems should be treated as compromised. Attackers are using the Log4Shell vulnerability to hack into unpatched VMWare virtual desktop software. The vulnerability was discovered late last year by security researchers who discovered a zero-day vulnerability in a Java data-logging framework present in hundreds of millions of devices. The advisory illustrates an all-too-common trajectory of vulnerabilities, says cybersecurity expert Kumar Saurabh, co-founder of cybersecurity firm LogicHub.”]
Source: https://www.inforisktoday.com/attackers-use-log4shell-to-hack-unpatched-vmware-products-a-19449

