Uma análise interessante de diversos ataques em curso contra a vulnerabilidade na Bash, aka Shellshock.
"We have observed a significant amount of overtly malicious traffic leveraging BASH, including
Malware droppers
Reverse shells and backdoors
DDoS"
Shellshock in the Wild - FireEye blog
Actualização (2/10): além deste os melhores artigos que encontrei sobre o Shellshock estão no blog do M. Zalewski (Google):
Quick notes about the bash bug, its impact, and the fixes so far
Bash bug: the other two RCEs, or how we chipped away at the original fix (CVE-2014-6277 and '78)