A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours?

Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future.

Understand the Log4j2 vulnerability and learn how you can tell (and what you should do) if your Gradle or Maven applications are exposed.

ExtraHop threat researchers have observed attackers in the wild using encrypted traffic to avoid detection of Log4Shell attacks. This is consistent with the general trend of cyberattackers using ...

If you're not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.

Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j 'Log4Shell' flaw through December ...

The Log4Shell vulnerability will be difficult to detect and fix in many cases, as Apache Log4j is used unknowingly in many software products.

Researchers at two cybersecurity companies have detected hundreds of thousands of attempts to launch cyberattacks using the recently disclosed vulnerability in Log4j.