The problem lies in Log4j, a ubiquitous, open source Apache logging framework that developers use to keep a record of activity within an application. Security responders are scrambling to patch the bug, which can easily be exploited to take control of vulnerable systems remotely.

Read full article on Wired – Threat Level