There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours?

Hackers could take control of millions of servers, shutting them down or forcing them to spew malware due to widely-used faulty code. Here's how it happened, and what can you do to protect yourself.

What Kind of Vulnerability Affects Log4j in Java? The vulnerability was in a commonly used remote logging tool called Log4j, which can be targeted by remote code execution. The tool, managed by the ...

Keep your code extensible, pluggable and adaptable -- that's what SOLID's open-closed principle in Java means. Here's an example of how to properly apply it.

A group of developers and maintainers scrambled to secure the Log4j vulnerability over the weekend, but there is still a lot of work to do to clean up the mess.

Security experts are sounding the equivalent of a five-alarm fire on a critical new zero-day vulnerability in Log4j, a logging framework that is ubiquitously present in Java software.

JFrog’s Security Research team detailed currently known Log4j vulnerabilities and outlined best practices for how to identify and address them in this blog, which is being continuously updated.

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.

A vulnerability Log4j bug is causing Minecraft users to be exposed to potentially dangerous threats. Learn more about the issue.