Hackers continue to exploit the Log4j vulnerability in vulnerable applications, as shown by the Iranian MuddyWater threat actor who was found targeting Israeli organizations using the SysAid software.
It s been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is still way behind.
Researchers warn of critical Java flaw impacting the console of the H2 Java SQL database. Users are advised to update their H2 database to mitigate remote code execution risk.