As a fellow maintainer of an open source project, this is an intense and somewhat scary read. Thanks to @grobmeier for being so open to talk about what he experienced and GitHub for initiating their Secure Open Source Fund!

https://github.blog/open-source/inside-the-breach-that-broke-the-internet-the-untold-story-of-log4shell/

Inside the breach that broke the internet: The untold story of Log4Shell

Log4Shell proved that open source security isn't guaranteed and isn't just a code problem.

The GitHub Blog