The discovery, which affects services running as localhost that aren’t exposed to any network or the internet, vastly widens the scope of attack possibilities. Defenders will once again be busy ...

The Log4Shell anniversary is here. It has been a year since the initial discovery and publication of Log4Shell (CVE-2021-44228), which was without a doubt one of the most meaningful vulnerabilities in ...

2025 included a number of monumental threats, from global nation-state attacks to a critical vulnerability under widespread ...

Log4Shell hit the market hard at the end of 2021. According to a recent story we published, it’s still one of the biggest vulnerabilities, 18 months after it initially appeared. How serious is the ...

Nation-state groups from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) vulnerability to gain access to targeted networks, Microsoft said on Tuesday. "This ...

Late last week, details emerged about a wide-reaching security vulnerability that affected tons of online services and apps, including Apple’s iCloud service. However, the iPhone-maker has reportedly ...

Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. In fact, I’ve received so many emails from PR agencies ...

Log4Shell, the critical bug in Apache's widely used Log4j project, hasn't triggered the disaster that was feared, but it's still being exploited and predominantly from cloud computers in the US. The ...

A critical security hole affecting Apache Commons Text has been compared to the notorious Log4Shell vulnerability, but experts say it’s not as widespread. A critical security hole affecting Apache ...

The CVE-2022-42889 that was dubbed as Text4Shell or ACT4Shell created a lot of noise on social media when it was published (on October 13th), mainly because of the comparison to Log4Shell. For those ...

The widely used Log4j logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including profit-driven cybercriminals and ...