Apple, Cloudflare, and Minecraft could all be vulnerable to hackers due to a 'critical' security flaw.

Experts have warned that Apple, Cloudflare, and Minecraft may be vulnerable to a "critical" security flaw.

As hackers swoop, the top cyber official at the Department of Homeland Security has urged businesses and governments to act quickly.

Meanwhile, all federal agencies have been told that they must update their software as soon as possible.

Jen Easterly, the head of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, warned of vulnerabilities in the Java-based software 'Log4j.'

According to researchers, the app is used by some of the world's largest tech companies, including Apple.

The flaw could make it relatively easy for a hacker to gain access to a company's computer server.

They could then look for other ways to gain access to systems.

Experts say the fallout could last for weeks as bosses scramble to fix the problem.

At the weekend, a hacking tool was made public on GitHub, providing attackers with a road map for breaking into devices.

On Monday, Easterly said her agency would call critical infrastructure companies across the country to brief them on the situation.

The Apache Software Foundation, which oversees Log4j, has issued a security update.

CNN spoke with cybersecurity experts who said it's unclear how many devices on the internet are affected by the flaw.

IT executives around the world, on the other hand, are bracing for problems.

According to Kevin Beaumont, a researcher who monitors emerging software flaws, the problem is similar to "lock[ing] the doors to your car, but then allowing anyone to shout commands at Siri from outside the car to remotely drive it."

"Log4j is buried deep inside products and [organizations], gonna be painful to fix," he wrote on Twitter.

In other news, Microsoft announced on Monday that it had disrupted a state-backed Chinese hacking group's cyber-spying.

The company said a Virginia federal court granted its request to seize the domains from the group known as Nickel, but also known as APT15 and Vixen Panda, which gathered intelligence from foreign ministries, think tanks, and human rights organizations in 29 countries, including the United States.

Get the amazing news right in your inbox

about author
Leave a Reply