Security teams should be alert to the possibility of compromise arising from a vulnerability in Apache Commons Text that may put many organisations at risk, but is unlikely to be as impactful as ...

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...

The so-called Log4Shell vulnerability in the Apache Log4j2 Java-based logging library has been described variously as “probably the most critical vulnerability we have seen this year” by Qualys’s ...

Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j 'Log4Shell' flaw through December.

It’s been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is ...

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. The internet has a ...

Why it matters: Earlier this week, developers of the open-source security platform LunaSec discovered a zero-day vulnerability affecting a widely used Java-based logging library. The vulnerability, ...