Thanks to the Apache Java logging library log4j‘s popularity and its ability to hide in code, we have landmines hiding in our infrastructure due to log4j’s Log4Shell security vulnerabilities. A day, an hour, doesn’t go by without new exploits blowing up.
Read full article on The New Stack