There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours?

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.

Cyber attackers are making over a hundred attempts to exploit a critical security vulnerability in Java logging library Apache Log4j every minute, security researchers have warned.

Attackers are actively exploiting a critical vulnerability in Apache Log4j, a logging library that’s used in potentially millions of Java-based applications, including web-based ones.

A WARNING has been issued for those who use the Log4J logging library that a spreading botnet could open up “a whole new pool of potential victims.” The warning was issued by Cybersecur… ...