The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises ...

To fix the vulnerability, log4j version 2.17.0 (for Java 8) has been released today and allows only "lookup strings in configuration" to expand recursively.

Royce Williams , who works for cyber security company Alaskan Cyber Watch , has released a cheat sheet about the zero-day vulnerability 'Log4Shell ' discovered in Java's log output library Log4j.