The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...

The beam-vendor-calcite-1_28_0 contains a bunch of shaded dependencies with major security vulnerabilities. For example, log4j:1.2.17 and protobuf-java:3.19.2. Are there any plans to upgrade the ...

SolarWinds and Log4j have made software supply chain security issues a topic of intense interest and scrutiny for businesses and governments alike. SolarWinds was a terrifying example of what can go ...

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...

Copyright 2025 The Associated Press. All Rights Reserved. Copyright 2025 The Associated Press. All Rights Reserved. FILE - The Department of Homeland Security logo is ...

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...

A newly-discovered zero-day vulnerability known as Spring4Shell could have “a larger impact” than Log4j. Log4j made waves in recent months as the vulnerability in the popular open-source logging ...

A wave of cyber attacks exploiting the Log4Shell remote code execution (RCE) vulnerability in Apache Log4j Java logging component seems to be targeting users of VMware Horizon servers, according to ...

The Log4j vulnerability emerged as a critical cybersecurity risk factor at the end of 2021, threatening to leave millions of devices open to attack. The scope of the flaw, which targets a widely used ...

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...