Iranian hackers breach Federal Civilian Executive Branch using Log4Shell vulnerability

siteadmin November 16, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an Iranian government-sponsored hacking group breached the Federal Civilian Executive Branch (FCEB) by exploiting an unpatched vulnerability in a VMware Horizon server. Detected in June, the breach dates back to February. The hackers installed XMRig crypto-mining software and maintained persistence via reverse proxies on several hosts.