News

The Apache Software Foundation recently announced the General Availability of Log4j 2.0, containing many performance improvements over its predecessor Log4j 1.x. Years in the making, this release ...
Apache Log4j Mitigation Summary Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library.
A critical vulnerability has been discovered in Apache Log4j 2, an open source Java package used to enable logging in many popular applications, and it can be exploited to enable remote code ...
The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI.
What is Apache Log4j? The vulnerability, known as Log4j, comes from a popular open source product that helps software developers track changes in applications that they build.
Apache log4j The log4Shell vulnerability, discovered by the Alibaba Cloud Security Team and disclosed by Kronos on December 9, 2021, has affected multiple versions of the Apache log4j 2 utility.
Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises ...
The Apache Software Foundation has released a new patch for Log4j, the Java-based logging utility that has seen vulnerabilities targeted en masse by hackers since Dec. 13. Log4j 2.17.1, the fifth ...
China’s largest cloud service provider said it would improve compliance after it was disciplined by the government for failing to first report the Log4j vulnerability to Chinese authorities.
A single flaw in Apache Log4j spiraled into one of the most dangerous exploits ever found. Experts warned it could have taken ...