From zdnet.com
Initial access broker group, Prophet Spider, has been found exploiting the Log4J vulnerability in VMware Horizon, according to a new report from researchers with BlackBerry Research & Intelligence and Incident Response teams.
Even though VMware released a patch in December and has published extensive guidance on how to mitigate the issue, many implementations remain unpatched.