Log4j: The Story So Far, and What to Expect in 2022

“The Log4Shell remote code execution vulnerability is one of the more impactful vulnerabilities we’ve seen in the last decade because of how many systems it affects. Cybercriminals from all over the world are seeking to exploit this fundamental part of the software supply chain,” said James Carder, Chief Security Officer at LogRhythm. “Anything with a logging mechanism generally leverages this open-source library, so this vulnerability likely impacts millions of devices and thousands of different products across critical infrastructure, financial institutions, healthcare organisations and other industries.”