A serious code execution vulnerability in Log4j has security experts warning of potentially catastrophic consequences for enterprise organizations and web apps.

Swedish video game developer Mojang Studios has released an emergency Minecraft security update to address a critical bug in the Apache Log4j Java logging library used by the game's Java Edition ...

Apache Software Foundation President David Nalley testifies to a Senate committee about the Log4j vulnerability. The discovery of easily exploitable weaknesses in Log4j, an open source piece of ...

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by& two Apache Log4j remote code execution vulnerabilities ...

The Apache Log4j vulnerability came to light quickly, which should help with the security response, cybersecurity executives said.

As of Friday, version 2.15.0 had been released: log4j-core.jar is available on Maven Central here, with release notes are available here and Apache’s Log4j security announcements available here.

Apache Log4j Mitigation Summary Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library.

The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded.

Third Log4J security flaw has been discovered. Thus, Apache issued another patch to fix the newly found “critical” Log4j vulnerability.

With respect to the Apache Log4j, security researchers at Alibaba Cloud discovered a zero-day vulnerability, meaning that without an emergency security update, every customer running a vulnerable ...