I wonder how times the software world wide that was using log4j has used was audited by security teams.

Once you know it, it's such a trivial exploit.

It shows that just because a software has been audited it's not necessarily secure. You have to look at the right spots to find the problems.

Sign in to participate in the conversation
Sheogorath's Microblog

This is my personal microblog. It's filled with my fun, joy and silliness.