One Year of Log4j – The New Stack

The Log4J bug, a security vulnerability in an open-source Java logging library, continues to trouble many organisations even after patches have been issued, with 72% reportedly still vulnerable.
The bug has been widely exploited by nation-state actors, cybercriminals, and even ordinary crooks to deploy malware on systems. Experts warn that the bug presents a long-term challenge due to its pervasiveness and the difficulty in tracking it in complex application dependencies.