In Part 2 of this series, I walked you through the data exfiltration and remote code execution exploits, as well as the threat surface. In this post, I want to talk about what we’re finding with respect to the evolution of the attacks as we continue our research. (For example, in December 2021, Akamai’s Hidecki Okamoto discovered a new vulnerability .) As we continuously monitor the situation and provide protections for our customers, Akamai is seeing the threat evolve in two distinct directions . The first is with respect to payloads. \r\n Enterprises are increasingly relying on mitigations such as web application firewalls, or WAFs, to help protect them. Such systems search for the presence of exploitable strings in web requests and drop any they find.…