Major attacks using Log4j vulnerability ‘lower than expected’

Cybersecurity company Sophos has reported that successful hacking attempts using the vulnerabilities in Apache Log4j have been limited so far, due to the rapid response from the security community. While the number of attacks is lower than expected, the broad scope and difficulty of patching the Log4Shell vulnerability suggest it will continue to be exploited in the future. Sophos stressed the importance of identifying the vulnerability in applications and updating with the necessary patches.