Security researchers says while Spring4Shell may not be Log4Shell, it’s still a critical vulnerability and security teams need to do the patch and follow the remediation recommendations.
BleepingComputer reports that VMware Horizon servers vulnerable to Log4Shell are being targeted by Chinese advanced persistent threat group Deep Panda to distribute the novel Fire Chili rootkit.
Reuters reports that the US government has held private briefings warning critical infrastructure organizations regarding the potential security risks of using Kaspersky software a day after Russia invaded Ukraine.
QNAP has issued a warning that the high-severity OpenSSL vulnerability, tracked as CVE-2022-0778, is affecting most of its network-attached storage devices.
Threat actors have launched ongoing attacks aimed at internet-connected uninterruptible power supply devices, which are being leveraged as emergency power backup solutions in data centers, server rooms, industrial facilities, and hospitals.