Iranian hackers breach Federal Civilian Executive Branch using Log4Shell vulnerability

siteadmin November 16, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) revealed that an Iranian government-backed hacking group breached the Federal Civilian Executive Branch (FCEB) in February. Exploiting an unpatched vulnerability in a VMware Horizon server, the hackers installed XMRig crypto-mining software and compromised several hosts to ensure continued access. The breach was not detected until June, despite CISA’s previous warnings about exploitation of the vulnerability. This event underscores the need for transparency and heightened security in software supply chains.