Log4Shell (CVE-2021-44228) is a remote code execution vulnerability affecting some versions of Log4J, particularly Apache Log4J 2 (versions 2.14.1 and earlier). This flaw stems from how these versions handle Java Naming and Directory Interface (JNDI) lookups. It allows hackers to execute malicious code remotely by tricking this older JNDI functionality into executing a download command from a server containing malware.
Chinese Hackers Actively Exploiting Ivanti VPN Vulnerability to Deploy Malware
Security researchers have found a critical vulnerability (CVE-2025-22457) in Ivanti Connect Secure VPN appliances, exploited by suspected Chinese group UNC5221 since mid-March 2025. This buffer
