A month after the disclosure of CVE-2021-44228, aka Log4Shell, a critical vulnerability in the Apache Log4j Java package, up to 40% of new downloads are still at risk of compromise despite the ...

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...

U.S. organizations that fail to secure customer data against Log4Shell, a zero-day vulnerability in the widely used Log4j Java logging library, could face legal repercussions, the Federal Trade ...

Het Nationaal Cyber Security Centrum (NCSC) ziet weinig misbruik van de Log4j-kwetsbaarheid in Nederland, zo laat de overheidsinstantie tegenover Security.NL weten. Waakzaamheid blijft echter geboden.

Ernie Smith is a former contributor to BizTech, an old-school blogger who specializes in side projects, and a tech history nut who researches vintage operating systems for fun. Late last year, a major ...

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

The remotely exploitable flaw in Log4j – the widely deployed Java error logging library -- is being attacked by multiple actors and likely will remain so for many ...

A wave of cyber attacks exploiting the Log4Shell remote code execution (RCE) vulnerability in Apache Log4j Java logging component seems to be targeting users of VMware Horizon servers, according to ...

CrowdStrike on Thursday presented advice for organizations attempting to address a security vulnerability in the Log4j Java logging framework used in Apache Web servers, currently undergoing ...

The UK National Cyber Security Centre (NCSC) is urging company boards to start asking key questions about how prepared they are to mitigate and remediate the ...