Wherever you find Log4j, you need to update it to the latest 2.15.0 version patch. Here is a list of software that has an identified Log4j Shell vulnerability and the corresponding remedial measure.

A vulnerability in the Log4j logging framework has security teams scrambling to put in a fix.

A Year Later, That Brutal Log4j Vulnerability Is Still Lurking Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited.

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s ...

Log4Shell is the latest hacker exploit rocking the internet, and it’s arguably the worst yet. The vulnerability is in an obscure piece of software used on millions of computers.

Log4j/Shell will remain a challenging and high-risk situation for organizations, particularly with nation-state and lower-skilled threat actors alike taking advantage of the flaw.

According to several cybersecurity companies monitoring the situation, attackers are still targeting VMware Horizon servers through Log4J vulnerabilities.

Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success.

Late last week, cybersecurity firm LunaSec uncovered a critical vulnerability in the open-source Log4j library that could give hackers the ability to run malicious code on remote servers ...