Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...

The flaw in the application-logging component Log4j known as "Log4Shell" should have been patched by organisations months ago, but some systems that haven't been patched with available updates are ...

The National Cyber Security Centre (NCSC), alongside its Five Eyes partner agencies in Australia, Canada, New Zealand and the US, have released details of the 12 most exploited vulnerabilities of 2022 ...

Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found. Four months after the ...

The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November — even though the number of publicly ...

CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers. The Cybersecurity and Infrastructure Security Agency (CISA) and Coast Guard Cyber ...

The agency responsible for arbitrating disputes with federal employees was compromised in an Iranian government-linked hack earlier this year, according to a report. Hackers exploited the well-known ...

CISA issues a new Log4Shell risk warning since the cybersecurity agency believes many VMWare systems are still vulnerable to this flaw. A participant uses a laptop computer as he takes part in the ...

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...