That may be the fastest I've seen an exploit go from "theoretical" to "used"

Found in our web logs this afternoon. This is bash shellshock.

Request: '() {:;}; /bin/ping -c 1 104.131.0.69'

This bad boy came from the University of Oklahoma, IP address 157.142.200.11 . The ping address 104.131.0.69 is something called shodan.io. Patch this one folks. Remote execution badness, and all that goes along with it.