Spring4Shell Archives - Security Affairs

Pierluigi Paganini April 09, 2022

A Mirai-based botnet is exploiting the Spring4Shell vulnerability

Experts warn of a Mirai-based botnet exploiting the recently discovered Spring4Shell vulnerability in attacks in the wild. Trend Micro Threat Research reported that the recently discovered Spring4Shell vulnerability (CVE-2022-22965) is actively exploited by a Mirai-based botnet. Researchers from Chinese cybersecurity firm Qihoo 360 first reported the exploitation of the Spring4Shell by a Mirai-based botnet in early April. […]

Pierluigi Paganini April 05, 2022

CISA adds Spring4Shell flaw to its Known Exploited Vulnerabilities Catalog

The U.S. CISA added the recently disclosed remote code execution (RCE) vulnerability Spring4Shell to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-22965 (aka Spring4Shell, CVSS score: 9.8) flaw in the Spring Framework, along with three other issues, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) […]

Pierluigi Paganini April 04, 2022

VMware released updates to fix the Spring4Shell vulnerability in multiple products

VMware released security updates to address the critical remote code execution vulnerability known as Spring4Shell. VMware has published security updates to address the critical remote code execution vulnerability known as Spring4Shell (CVE-2022-22965). According to the virtualization giant, the flaw impacts many of its cloud computing and virtualization products. The Spring4Shell issue was disclosed last week, […]

Pierluigi Paganini March 31, 2022

Mysterious disclosure of a zero-day RCE flaw Spring4Shell in Spring

An unauthenticated zero-day RCE vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed. Researchers disclosed a zero-day vulnerability, dubbed Spring4Shell, in the Spring Core Java framework called ‘Spring4Shell.’ An unauthenticated, remote attacker could trigger the vulnerability to execute arbitrary code on the target system. The framework is currently maintained by Spring.io […]

Spring4Shell

A Mirai-based botnet is exploiting the Spring4Shell vulnerability

CISA adds Spring4Shell flaw to its Known Exploited Vulnerabilities Catalog

VMware released updates to fix the Spring4Shell vulnerability in multiple products

Mysterious disclosure of a zero-day RCE flaw Spring4Shell in Spring

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025

Jaguar Land Rover will extend its production halt into a third week following a cyberattack

China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

QUICK LINKS

Spring4Shell

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!