Log4Shell remains big threat and common cause for security breaches

The Log4Shell vulnerability in the popular open-source Java library, Log4j, is still a common cause for security breaches a year after patches were released, highlighting the need for enterprises to adopt better software composition analysis and secure supply chain management. Approximately 72% of organisations still had Log4Shell-vulnerable assets as of October 2022. Exploitation of the flaw remains high, with around 50 million detections per month, affecting a variety of industries and systems.