The Apache Software Foundation recently announced the General Availability of Log4j 2.0, containing many performance improvements over its predecessor Log4j 1.x. Years in the making, this release ...

Beveiligingsonderzoekers melden opnieuw een kwetsbaarheid te hebben gevonden in Java-feature log4j, die het mogelijk maakt om op afstand code uit te voeren.

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

The US Cybersecurity and Infrastructure Security Agency have ordered all civilian federal agencies to patch the Log4j vulnerability and three others by December 24, adding it to the organization's ...

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

Log4j, an open source project, allows developers to control which log statements are output with arbitrary granularity. It's fully configurable at runtime by using external configuration files ...

Waratek combines a Log4J Vulnerability Scanner and API security in its Java Security Platform to provide users with the ability to scale strategic risk mitigation in the enterprise.

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI.

Log4j, the popular logging library for Java, will include a number of configuration options that allows it to run in a completely garbage-free manner. The release follows previous attempts to ...