On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...

Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. In fact, I’ve ...

Security teams around the globe are scrambling to fix Log4Shell, a critical security flaw in Log4j, an open source logging software that’s found practically everywhere from online games to enterprise ...

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...

The infamous Log4Shell vulnerability was exploited as an initial infection vector in 31% of cases monitored by Lacework over the past six months. The software vendor’s latest Lacework Cloud Threat ...

An "extremely bad" Log4Shell exploit was spotted giving hackers an easy way to execute code on machines with the vulnerability. With that, security teams and companies both big and small are all ...

Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote ...

So much for a quiet holiday season: CVE-2021-44228 (aka Log4Shell) may well be the most impactful vulnerability we've seen in years. Let's look at what makes this vulnerability special, how multiple ...