Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As cybersecurity teams grapple with having to potentially patch their ...

The gargantuan crisis spurred by log4j isn’t over yet—not even close. Over the past week, new vulnerabilities have been discovered in the unfortunate Apache logging library (whose ubiquitous ...

Last Thursday, the world learned of an in-the-wild exploitation of a critical code-execution zero-day in Log4J, a logging utility used by just about every cloud service and enterprise network on the ...

Iran-based threat actor MuddyWater (tracked by Microsoft as MERCURY) has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. The news ...

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t need another big issue to take care of, but they ...

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...

Community driven content discussing all aspects of software development from DevOps to design patterns. In case you’ve been hiding under a rock – or perhaps hiding from endless yelping about security ...

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...

Apache Software Foundation President David Nalley on Tuesday told the Senate Homeland Security & Government Affairs Committee it could take months, or even years, to fully eliminate the Log4j ...

The U.S. Food and Drug Administration (FDA) warned Friday that widespread cybersecurity vulnerabilities in commonly used software could affect medical devices by allowing unauthorized users to take ...

UPDATE, 12/16: Cybersecurity experts are saying that attackers connected with nation-states, including China and other governments, are actively exploiting the Log4jShell vulnerability. On Thursday, ...

The Apache Software Foundation has released a new patch for Log4j, the Java-based logging utility that has seen vulnerabilities targeted en masse by hackers since Dec. 13. Log4j 2.17.1, the fifth ...