在这个影响软件供应链根基的问题被自动化工具攻克之前，预计将有更多由 Log4j 引发的问题出现。 Log4j 漏洞风波暂平，但下一场暴雷可能已经在路上。 过去这一年，Log4j 频频暴雷。新年伊始，很多朋友可能觉得 Log4j 这事儿已经过去了。不，还没完呢。 2021 年 ...

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...

China-linked hackers exploited multiple CVEs in April 2025 to target global entities with advanced persistence.

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has already set the internet on fire. Log4j usage is rampant among many software products and multiple ...

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...

A SBOM must be treated as a living document, updated with every code change, new release, or patch. Threat actors won't ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...

A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...

How to test if your Linux server is vulnerable to Log4j Your email has been sent Log4j is a serious vulnerability that has swept across the IT landscape quickly. Here ...