A new software vulnerability in a tool called Log4j has set the internet on fire, as experts try to assess the impact and shore up their systems, The Spinoff reports. “In the 15 or so years that I’ve been working in cybersecurity, this is probably the worst vulnerability I’ve seen,” said Adam Boileau of cyber security company CyberCX. Security issues aren’t that unusual, but they usually pop up in somewhat obscure pieces of software where the impact is limited. They’re also often fixed before anyone even realises they exist. But the new Log4j vulnerability is basically a worst case scenario: a very dangerous vulnerability, spread widely and being actively exploited right away.