Nightmare before Christmas: What to know about the Log4j breach

A vulnerability living inside a Java-based software known as "Log4j" shook the internet this week.

The list of potential victims encompasses nearly a third of all web servers in the world, according to cybersecurity firm Cybereason. Twitter, Amazon, Microsoft, Apple, IBM, Oracle, Cisco, Google, and one of the world's most popular video games, Minecraft count themselves among the slew of tech and industry giants running the popular software code that U.S. officials estimate have left hundreds of millions of devices exposed.

By Thursday, more than 3,700,000 hacking attempts had been made to exploit the vulnerability, according to leading cybersecurity firm Checkpoint, with more than 46% conducted by known malicious groups.