"Which has Apache antsy, as it's not willing to wear responsibility for a hack that took place before it knew it had a problem"
Meanwhile why the fight between companies began over legal rights and who was or wasn't (in)directly responsible no further attempts were made to backtrace the source of the attack in an attempt to catch the actual attackers. Because... effort?
Companies trying to put the blame on Apache is totally laughable, though at the same time poor comedy. They use the software for free, they cut corners by not having to pay, say, Oracle huge license fees for using stuff such as Glassfish, and they're still whining when something goes wrong. Because then it's everyone elses fault (not the attackers of course).
Companies like that truly and honestly disgust me.
And even if it was the other way around, so what? Sometimes people tend to forget that in the end Open Source is just that, open source and best effort at best. You need a fix? How about YOU try to fix it yourself, then you can gloat how cool and hip you are and about how others are slacking to keep up. Unless those whiners at qz.com can pull that off I think they should really keep their whining to themselves.