Threat actors can use a two-stage attack to establish a presence on affected networks
Multiple threat groups are currently leveraging Log4j bugs in their operations
'High severity' bug fixed is an uncontrolled recursion flaw
Researchers observe multiple attempts to deploy a Khonsari ransomware that hits Windows machines by making use of Log4Shell bug
New flaw is much less severe than the Log4jshell vulnerability, but admins are advised to update Log4j once again
One zero-day addressed has been observed in active attacks
Patch Log4j urgently admins urged, as memories of 2017 Equifax hack loom large