The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises ...

Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to ... Over 35,000 Java packages have Log4j flaws.

For its part, the Apache Logging Services team will “continue to evaluate features of Log4j that could have potential security risks and will make the changes necessary to remove them.

Log4Shell/LogJam is a zero-day exploit in version 2 of the log4j Java logging library that can result ... code execution with this vulnerability due to the inclusion of the Java Security Manager.

Security warning: New zero-day in the Log4j Java library is already being exploited, ZDNet, 12/10/21; Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet, Ars Technica, 12/10/21; ...

Dr. Richard Ford, CTO of Praetorian, said the Log4j vulnerability can be subtle, and while it is sometimes revealed with simple scanning, it is also frequently found buried deep in customer ...

The story so far: Log4j is a widely used software logging library for Java software. Earlier this month, information about a critical security vulnerability in the library was publicly disclosed ...