An Iranian APT is actively targeting unpatched VMWare Horizon systems to exploit Log4j vulnerabilities. The APT is destructive and these attacks often lead to full Ransomware deployment in the victim’s environment.
See the full Sentinel One synopsis here:
Ivanti Warns of New EPMM Flaw Exploited in Zero-Day Attacks Article Link: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/ RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded Article
Fear Is the Dependency Killer. The “Mini Shai-Hulud” attack highlights how modern software supply chain threats are evolving beyond stolen developer credentials into direct compromise
