Log4Shell

Subject – Defence and Security

Context – Log4j vulnerability has tech firms worried

Concept –

A new vulnerability named Log4Shell is being touted as one of the worst cybersecurity flaws to have been discovered.
The vulnerability is based on an open-source logging library used in most applications by enterprises and even government agencies.
The exploits for this vulnerability are already being tested by hackers, according to several reports, and it grants them access to an application, and could potentially let them run malicious software on a device or servers.