Log4Shell (CVE-2021-44228) is a remote code execution vulnerability affecting some versions of Log4J, particularly Apache Log4J 2 (versions 2.14.1 and earlier). This flaw stems from how these versions handle Java Naming and Directory Interface (JNDI) lookups. It allows hackers to execute malicious code remotely by tricking this older JNDI functionality into executing a download command from a server containing malware.
VMware ESXi, Firefox, Red Hat Linux & SharePoint 0-Day Vulnerabilities Exploited
During Pwn2Own Berlin 2025, researchers exposed critical zero-day vulnerabilities in major platforms like VMware ESXi and Microsoft SharePoint, earning $435,000 in bounties. Notably, Nguyen Hoang
