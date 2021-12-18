A top cybersecurity agency in the US is cautioning that a new software vulnerability has been uncovered that could lead to hundreds of millions of device hacks.

Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert advising that they’ve discovered a flaw that will require some of the nation’s largest industries to “take action” or risk being the victim of hackers.

According to reports, hackers have been using the flaw in an effort to break into some organizations’ computer networks. It is unclear if they were successful in infiltrating any major US company.

The vulnerability is in Java-based software known as "Log4j" that large organizations, including some of the world's biggest tech firms, use to log information in their applications.

It reportedly allows hackers an easy in to access computer servers, providing access that could potentially lead to an attack on the network, though it is unlikely to threaten the security of people’s personal devices.

Some tech giants, including Amazon, and IBM have already taken steps to address the issue, which could take weeks to fully implement a fix.

“This vulnerability is one of the most serious that I've seen in my entire career, if not the most serious,” Easterly said to CNN.

"We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damaging incidents.”

