The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI.

A group of developers and maintainers scrambled to secure the Log4j vulnerability over the weekend, but there is still a lot of work to do to clean up the mess.

Understand the Log4j2 vulnerability and learn how you can tell (and what you should do) if your Gradle or Maven applications are exposed.

Two MSPs who were not impacted still took the vulnerability as serious as possible, saying you must stay ready and assume the vulnerability is there.

The vulnerability in Apache Log4j could allow hackers to plant a backdoor and launch their cyberattack months or years in the future.

A vulnerability in a widely used Apache library has caused Internet-wide chaos—and the trouble may just be starting.

Vulnerable log4j code can be found in products from some of the most prominent technology vendors like Cisco, IBM, and VMware, and as well as one serving the MSP community like ConnectWise and N-able.

GOOGLE is warning users over a vulnerability that can be exploited by hackers. Apache Log4j 2 utility is an open-source Apache framework that is used for logging requests. A vulnerability was… ...

Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter.