The discovery, which affects services running as localhost that aren’t exposed to any network or the internet, vastly widens the scope of attack possibilities. Defenders will once again be busy ...

The Log4Shell anniversary is here. It has been a year since the initial discovery and publication of Log4Shell (CVE-2021-44228), which was without a doubt one of the most meaningful vulnerabilities in ...

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has identified 32 ...

Log4Shell hit the market hard at the end of 2021. According to a recent story we published, it’s still one of the biggest vulnerabilities, 18 months after it initially appeared. How serious is the ...

German software maker SAP is scrambling to patch the Log4Shell vulnerability in its applications and has rolled out fixes for tens of other severe flaws in its products. German software maker SAP is ...

Late last week, details emerged about a wide-reaching security vulnerability that affected tons of online services and apps, including Apple’s iCloud service. However, the iPhone-maker has reportedly ...

Nation-state groups from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) vulnerability to gain access to targeted networks, Microsoft said on Tuesday. "This ...

A critical security hole affecting Apache Commons Text has been compared to the notorious Log4Shell vulnerability, but experts say it’s not as widespread. A critical security hole affecting Apache ...

Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. In fact, I’ve received so many emails from PR agencies ...

Log4Shell, the critical bug in Apache's widely used Log4j project, hasn't triggered the disaster that was feared, but it's still being exploited and predominantly from cloud computers in the US. The ...

The CVE-2022-42889 that was dubbed as Text4Shell or ACT4Shell created a lot of noise on social media when it was published (on October 13th), mainly because of the comparison to Log4Shell. For those ...