Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.

The top U.S. cybersecurity officials have called the Log4j vulnerability one of the most serious security flaws in decades. The Common Vulnerability Scoring System (CVSS), which rates the severity of ...

As companies scramble to address the newly exploited, ubiquitous Log4j vulnerability, companies’ actions are now the potential source for government scrutiny. Our ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As cybersecurity teams grapple with having to potentially patch their ...

Multiple governments’ cyber agencies have released a long list of technology vendors and their products that are impacted by the Log4j vulnerability. They include the U.S. Cybersecurity and ...

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...

CISA Director Jen Easterly on Log4j: “These vulnerabilities are the most severe that I’ve seen in my career.” 1 On December 11, 2021, the Cybersecurity and Infrastructure Security Agency (CISA), in ...

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...

Beware of the Log4j vulnerability! This nasty software bug has much of the IT world in a panic as it follows us into the New Year. No doubt, many organizations and SMBs with no IT staff are clueless ...

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.