Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing.
Threatpost
Posts tagged "Swarm"
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware
The living-off-the-land binary (LOLBin) is anchoring a rash of cyberattacks bent on evading security detection to drop Qbot and Lokibot.
Threatpost