Major attacks using Log4j vulnerability ‘lower than expected’

Cybersecurity firm Sophos has reported that attacks leveraging the Log4j vulnerabilities have been limited, largely due to a massive response effort from the security community. However, the broad scope of the Log4Shell vulnerability indicates that it could be a target for exploitation for several years. The most significant attacks may not occur until months or years in the future.