Log4j: One Year Later
Security Boulevard, December 9th, 2022
One year ago, the Log4j remote code execution vulnerability known as Log4Shell (CVE-2021-44228) was announced.
The critical-severity vulnerability, in a logging framework used across virtually all Java environments, quickly set the internet on fire when it was disclosed and exploited. It's considered one of the most critical vulnerabilities ever, due to the prevalence of Log4j, a popular Java library for logging error messages in applications, and to how easy Log4Shell is to exploit. Just by sending plaintext messages, an attacker can trick the application into sending malicious code to gain remote control over the system.