News

Threat Post3y

Java Code Repository Riddled with Hidden Log4j Bugs; Here's Where to ...

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.
IT News For Australia Business3y

Log4j's project sponsorship skyrockets after critical bug exploitation

Log4j is a popular logging library for Java which, due to insecure handling of directory lookups, allows the remote execution of arbitrary code in its default configuration.
adtmag.com2y

Waratek Adds Log4J Scanner and API Security to its Java Security ...

We first reported on the vulnerability in the Apache Logging Service at the end of 2021. It's a critical-remote code execution (RCE) vulnerability (CVE-2021-44228) in the Apache Software Foundation's ...