There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...

A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers. The flaw and a ...

The UK National Cyber Security Centre (NCSC) is urging company boards to start asking key questions about how prepared they are to mitigate and remediate the ...

A North Korean hacking and cyber-espionage operation breached the network of an engineering firm linked to military and energy organisations by exploiting a cybersecurity vulnerability in Log4j. First ...

The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched ...

Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future. Earlier this month, security researchers uncovered a ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Thanks in large part to the massive ...

The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it. Attackers ...

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t need another big issue to take care of, but they ...

The critical vulnerability disclosed Dec. 10 in Java logging package Log4j has sent shockwaves throughout the industry given how frequently that open-source library is used to develop enterprise ...