Apache Log4j Mitigation Summary Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library.

A single flaw in Apache Log4j spiraled into one of the most dangerous exploits ever found. Experts warned it could have taken down the entire internet.

If you're not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that ...

A vulnerability in a widely used Apache library has caused Internet-wide chaos—and the trouble may just be starting.

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed.

The Apache Software Foundation published a new Log4j patch late on Friday after discovering issues with 2.16.

The U.S. Food and Drug Administration (FDA) warned Friday that widespread cybersecurity vulnerabilities in commonly used software could affect medical devices by allowing unauthorized users to ...

Criminal groups and even suspected state-sponsored hacking groups continue to exploit a serious vulnerability in Apache Log4j with ransomware and other forms of malware.

Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. As expected, nation ...