Royce Williams , who works for cyber security company Alaskan Cyber Watch , has released a cheat sheet about the zero-day vulnerability 'Log4Shell ' discovered in Java's log output library Log4j.

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly and will require coordination between different project teams to address the flaw.

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on ...

Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises ...

The maintainers of the Java Log4j project had only three sponsors, despite the software being a crucial part of large companies' commercial products and enterprise applications.

Attackers are actively exploiting a critical vulnerability in Apache Log4j, a logging library that’s used in potentially millions of Java-based applications, including web-based ones.