A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected computers with the aim of stealing confidential data. “The nature of the targeting was opportunistic in that multiple infections occurred in multiple countries and different sectors on the same dates,” said Rotem Sde-Or and Eliran Voronovitch, researchers at Fortinet’s FortiGuard Labs, in a report released this week. “The victims belong to the financial, scientific, cosmetic and travel industries.” Deep Panda, also known by the nicknames Shell Crew, KungFu Kittens and...