On Friday morning, NCSC/GovCERT.ch received reports about a critical vulnerability in a popular Java library called “Log4j”. At the time of receiving these reports, the vulnerability apparently has been exploited by threat actors “in the wild” and no patch was available to fix the vulnerability (0-day exploit).
Log4j is a popular Java library developed and maintained by the Apache foundation. The library is widely adopted and used in many commercial and open-source software products as a logging framework for Java.
Article Link: Zero-Day Exploit Targeting Popular Java Library Log4j