The widespread vulnerability that first appeared in Apache Log4j in 2021 will continue to be exploited, potentially even in worse ways than we've seen to date. The more worrisome aspect of these ...

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...

An Iranian state-sponsored hacking group has been found to be actively exploiting vulnerabilities in Apache Log4j to distribute a new modular PowerShell toolkit for nefarious purposes. Detailed ...

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...

Apache Software Foundation President David Nalley on Tuesday told the Senate Homeland Security & Government Affairs Committee it could take months, or even years, to fully eliminate the Log4j ...

Security teams should be alert to the possibility of compromise arising from a vulnerability in Apache Commons Text that may put many organisations at risk, but is unlikely to be as impactful as ...

The Apache Log4j vulnerability is one of the most serious vulnerabilities in recent years—putting millions of devices at risk. Here’s what you need to know. IT organizations worldwide are still ...

A flaw in widely used internet software has left companies and government officials scrambling to respond to a potentially glaring cybersecurity threat to global computer networks. The previously ...

The story so far: Log4j is a widely used software logging library for Java software. Earlier this month, information about a critical security vulnerability in the library was publicly disclosed by ...