APT Actively targeting unpatched VMWare Horizon, exploiting Log4j

Oscar Minks
February 18, 2022

Share This Post

An Iranian APT is actively targeting unpatched VMWare Horizon systems to exploit Log4j vulnerabilities. The APT is destructive and these attacks often lead to full Ransomware deployment in the victim’s environment.

See the full Sentinel One synopsis here:

https://www.sentinelone.com/labs/log4j2-in-the-wild-iranian-aligned-threat-actor-tunnelvision-actively-exploiting-vmware-horizon/

Reach out to our incident response team for help

More To Explore

Information Security News – 12/8/2025

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs into Spyware Article link: https://thehackernews.com/2025/12/shadypanda-turns-popular-browser.html University of Pennsylvania Joins Victims of Clop’s Oracle EBS Raid Article

Marcus Cylar December 8, 2025

Information Security News – 12/1/2025

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist Article Link: https://thehackernews.com/2025/11/qilin-ransomware-turns-south-korean-msp.html Emergency Alerts Go Dark After Cyberattack on OnSolve CodeRED

Jo Moldenhauer December 2, 2025

APT Actively targeting unpatched VMWare Horizon, exploiting Log4j

Share This Post

More To Explore

Information Security News – 12/8/2025

Information Security News – 12/1/2025

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.

Follow Us:

Privacy Policy

© 2025 FRSecure LLC