Tags: linux, security, exploit

What is the possible ^null$ exploit reported by LogWatch?


LogWatch is a nice tool that provides daily reports on Linux log files. It includes several information summaries, like traffic, users who logged in, who used sudo, relevant kernel messages, IPs that probed the server, search engines that probed your Apache, etc.

One section includes IP addresses that made known exploit attempts against your server. They didn't necessarily succeed, but they are listed in the report anyway for your information. This is what it looks like:

    Attempts to use known hacks by 4 hosts were logged 4 time(s) from:
       187.13.156.179: 1 Time(s)
          ^null$ 1 Time(s)
       187.60.121.62: 1 Time(s)
          ^null$ 1 Time(s)
       189.123.240.18: 1 Time(s)
          ^null$ 1 Time(s)
       189.70.214.124: 1 Time(s)
          ^null$ 1 Time(s)

My question is what exactly is this ^null$ attack? I've tried googling this, but nothing relevant seems to show up.


Solution

  • This is usually not something to worry about - it isn't necessarily an actual attack. The ^null$ "attack" is simply a client connection terminating without sending any HTTP request (i.e. a connection is established to your web server, but no request is received).

    If you had multiple attempts on your server from a single IP, or many ^null$ entries per IP, then you may have evidence of a concerted attempt. As it is, I would suggest you can safely ignore the example log you've given above.
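A small triage script for this section of the report, added here as an example (not LogWatch's own code and not from the answer). It parses the "Attempts to use known hacks" block and applies the rule stated in the answer: a single ^null$ per IP is just an empty connection and is ignored, while repeated ^null$ hits from one IP, or any pattern other than ^null$, are flagged for a closer look. The report text is the one from the question; the second sample and the threshold of 5 are constructed assumptions.

```python
import re

# Constructed sample: the LogWatch section quoted in the question above.
SAMPLE_REPORT = """\
Attempts to use known hacks by 4 hosts were logged 4 time(s) from:
   187.13.156.179: 1 Time(s)
      ^null$ 1 Time(s)
   187.60.121.62: 1 Time(s)
      ^null$ 1 Time(s)
   189.123.240.18: 1 Time(s)
      ^null$ 1 Time(s)
   189.70.214.124: 1 Time(s)
      ^null$ 1 Time(s)
"""

# Constructed sample: one extra host with many empty connections (assumed data).
REPEATED_REPORT = SAMPLE_REPORT + "   203.0.113.7: 12 Time(s)\n      ^null$ 12 Time(s)\n"

# A host line is an IPv4 address followed by a colon; a pattern line is anything
# else ending in "N Time(s)". The header ends in lowercase "time(s)" and is skipped.
HOST_RE = re.compile(r'^\s*(\d{1,3}(?:\.\d{1,3}){3}):\s+(\d+) Time\(s\)')
PATTERN_RE = re.compile(r'^\s*(.+?)\s+(\d+) Time\(s\)')


def parse_known_hacks(report):
    """Return {ip: {pattern: count}} for the 'known hacks' section of a report."""
    hosts = {}
    current = None
    for line in report.splitlines():
        m = HOST_RE.match(line)
        if m:
            current = m.group(1)
            hosts[current] = {}
            continue
        m = PATTERN_RE.match(line)
        if m and current is not None:
            hosts[current][m.group(1)] = int(m.group(2))
    return hosts


def triage(hosts, null_threshold=5):
    """Flag IPs whose entries go beyond a lone empty connection.
    null_threshold is an assumed cut-off for 'many ^null$ entries per IP'."""
    flagged = {}
    for ip, patterns in hosts.items():
        non_null = {p: c for p, c in patterns.items() if p != '^null$'}
        if non_null or patterns.get('^null$', 0) >= null_threshold:
            flagged[ip] = patterns
    return flagged


if __name__ == "__main__":
    print("quiet report:", triage(parse_known_hacks(SAMPLE_REPORT)))
    print("noisy report:", triage(parse_known_hacks(REPEATED_REPORT)))
```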