log4j-core-test/src/test/java/org/apache/logging/log4j/core/EventParameterMemoryLeakTest.java EventParameterMemoryLeakTest.java appender/rolling log4j-core-test/src ...

The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...

The beam-vendor-calcite-1_28_0 contains a bunch of shaded dependencies with major security vulnerabilities. For example, log4j:1.2.17 and protobuf-java:3.19.2. Are there any plans to upgrade the ...

SolarWinds and Log4j have made software supply chain security issues a topic of intense interest and scrutiny for businesses and governments alike. SolarWinds was a terrifying example of what can go ...

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...

A newly-discovered zero-day vulnerability known as Spring4Shell could have “a larger impact” than Log4j. Log4j made waves in recent months as the vulnerability in the popular open-source logging ...

A technically advanced hacking group backed by the Chinese government has compromised the computer systems of at least six US state governments, according to a newly published threat report from ...

While the worst of Log4Shell may be behind us and much work remains, let's say "Well done" to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the ...

The Log4j vulnerability emerged as a critical cybersecurity risk factor at the end of 2021, threatening to leave millions of devices open to attack. The scope of the flaw, which targets a widely used ...

VMware issued an "IMPORTANT" message to users of its Horizon virtual desktop offering, warning them to patch for critical Log4j vulnerabilities. Log4j is an open source Java logging library widely ...