https://www.bleepingcomputer.com/news/security/new-ransomware-now-being-deployed-in-log4shell-attacks/

The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers.

Last Friday, a public exploit was released for a critical zero-day vulnerability named 'Log4Shell' in the Apache Log4j Java-based logging platform. Log4j is a development framework that allows developers to add error and event logging into their Java applications.