From bleepingcomputer.com
Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises alike to remote code execution attacks.
Log4j is developed by the Apache Foundation and is widely used by both enterprise apps and cloud services.
Thus, while home users might have moved on from Java, anything from enterprise software to cloud software such as Apple’s iCloud and Steam is likely vulnerable to RCE exploits targeting this vulnerability.