Skip to main content Learn how LunaSec helps protect you from 0-days, and Star us on GitHub . Docs Blog Contact Us GitHub 🌜 🌞 Search Recent posts Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package Why your Content Security Policy isn't as secure as you think How Data Breaches happen and why Secure by Default software is the future BuildKit intermediate caching in CI How to build an Open Source Business in 2021 (Part 1) December 9, 2021 · 7 min read Free Wortley CEO at LunaSec Chris Thompson Developer at Lunasec Updated @ December 10th, 10am PST A few hours ago, a 0-day exploit in the popular Java logging library log4j2 was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is...