CISA: Hackers are still using Log4Shell to breach networks, so patch your systems

Unpatched systems are still being exploited by hackers due to a flaw in the application-logging software Log4j known as “Log4Shell.” The Cybersecurity & Infrastructure Security Agency (CISA) and the US Coast Guard Cyber Command (CGCYBER) have advised all organisations to patch VMware’s Horizon and Unified Access Gateway (UAG) servers which utilise Log4j. Hackers have reportedly used the vulnerability to access and steal sensitive information, including admin credentials.