https://techmonitor.ai/technology/cybersecurity/log4j-vulnerability-cyber-crime

A vulnerability in a widely used open-source logging tool from the Apache Foundation has left millions of web applications at the mercy of cybercriminals. The zero-day vulnerability, known as Log4Shell, is caused by a problem in Apache’s Log4J logging library and allows threat groups to launch remote code attacks against affected systems.

Cybercriminals are currently using the vulnerability to hack into servers and mine cryptocurrencies, and could soon move on to trying to steal valuable personal data. Patching is the only solution to the problem, but tracking down all affected applications may not be that simple, experts have warned.