We woke up to a very strange email from Google:
> Dear Customer,
We have indications that your project XYZ (id: xyzxyzxyz) might have been compromised by the Apache “Log4j 2” vulnerability
These servers do not run Java. I checked they don't have a JVM installed. Some of them do handle encrypted LDAP requests. I replied to Google and ask for clarification on their cryptic email but did not get a response.
Anyone else get these, more important, any idea what "detection" Google is using?