https://techcrunch.com/2021/12/13/the-race-is-on-to-patch-log4shell-as-attacks-begin-to-rise/

Security teams around the globe are scrambling to fix Log4Shell, a critical security flaw in Log4j, an open source logging software that’s found practically everywhere from online games to enterprise software and cloud datacenters. Its ubiquity has put the internet on high alert as attackers ramp up their efforts to target vulnerable systems.

Log4Shell is a zero-day vulnerability — named as such since affected organizations have zero days to patch their systems — that allows attackers to remotely run code on vulnerable servers running Log4j, which developers use to keep a record of what’s happening inside an application as it runs. The vulnerability is tracked as CVE-2021-44228 and was given the maximum 10.0 severity rating, meaning attackers can remotely take full control of a vulnerable system over the internet without any interaction from the victim — and it doesn’t require much skill to pull it off.