Photo: Getty Images
The U.S. Cybersecurity and Infrastructure Security Agency warned tech companies about a dangerous software vulnerability that puts hundreds of millions of devices at risk.
"This vulnerability is one of the most serious that I've seen in my entire career, if not the most serious," the agency's director Jen Easterly, said on a phone call shared with CNN.
According to CyberScoop, the flaw was in the Log4j software library, which is used by Minecraft, Apple iCloud, Cloudflare, Twitter, and other companies to track software.
Easterly said officials are worried that "sophisticated actors" could use the exploit to gain access to a user's computer network.
"We expect the vulnerability to be widely exploited by sophisticated actors, and we have limited time to take necessary steps in order to reduce the likelihood of damaging incidents," Easterly said.
According to Wired, hackers have been trying to exploit the vulnerability for the past month, but the number of attempts skyrocketed after it was publicly disclosed last week.
Officials said it could take several weeks to identify and fix all the machines impacted by the security flaw.
"This will be a multiweek process where new actors are exploiting the vulnerability," Eric Goldstein, CISA's executive assistant director for cybersecurity, said on the phone call.