Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...

The popular cPanel web hosting server control panel software recently issued a patch to fix a critical flaw in the log4j Java library discovered in part of the software used for email. The ...

Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to ...

Vulnerable Log4j code can be found in products from some of the most prominent technology vendors like Cisco, IBM, and VMware, and as well as one serving the MSP community like ConnectWise and N-able.

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...

Criminal groups and even suspected state-sponsored hacking groups continue to exploit a serious vulnerability in Apache Log4j with ransomware and other forms of malware. According to research from ...