U.S. state legislature, Middle Eastern gov’t targeted by espionage group through Log4j

The Budworm hacking group, linked to the Chinese government, has reportedly used the Log4j vulnerability to attack a US state legislature, a multinational electronics firm, and a Southeast Asian hospital. The group exploited Log4j vulnerabilities to attack servers using HyperBro and PlugX/Korplug Trojan malware, both associated with Chinese hackers. Security firm Symantec reported this is the second recent case of Budworm targeting US-based entities, indicating a possible shift in focus for the group.