The Apache Software Foundation's log4j logging library is one of the better logging systems around. It's both easier to use and more flexible than Java's built-in logging system. This article ...

Log4Shell ain't over until it's over, warns the US review board tasked with investigating the critical Apache Log4J flaw known as Log4Shell.

Almost a year on from Log4j's disclosure, a joint alert by CISA and the FBI warns organizations that if they haven't protected their systems against it yet, they really need to now.

“The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career,” Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency, said.

China’s largest cloud service provider said it would improve compliance after it was disciplined by the government for failing to first report the Log4j vulnerability to Chinese authorities.

Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter.

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that ...

Researchers at cybersecurity giant Check Point said today that they’ve observed attempted exploits of the Log4j vulnerability, known as Log4Shell, on more than 44% of corporate networks worldwide.

Hackers launch over 840,000 attacks through Log4J flaw Researchers claim Chinese government groups are among the perpetrators.

A serious code execution vulnerability in Log4j has security experts warning of potentially catastrophic consequences for enterprise organizations and web apps.