Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Iranian APT activity was detected on the networks of federal agencies. The intruders utilized an exploit targeting Log4Shell (CVE-2021-44228) to install XMRig crypto mining software on an unpatched VMware Horizon server. Due to the similarity in the tools used and attack chain hive pro threat research team has linked it to the Iranian state-sponsored actor Fox Kitten