Yahoo

log4j: Tech companies scramble to fix software vulnerability that ‘threatens entire ...

The vulnerability, known as Log4shell, was identified in Apache’s Log4j software library that helps developers keep track of changes in the applications they build (AFP via Getty Images) Tech ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
ZDNet

Second Log4j vulnerability discovered, patch already released

A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE ...
AppleInsider

Log4j may be the worst vulnerability yet, says Department of Homeland Security

The US Cybersecurity and Infrastructure Security Agency warns that the newly discovered Log4j vulnerability will affect hundreds of millions of devices and that "no single action will fix the issue." ...
TechSpot

Log4J patch to fix serious zero-day has its own vulnerability that is already actively ...

Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...
Ars Technica

Patch fixing critical Log4J 0-day has its own vulnerability that’s under exploit

Last Thursday, the world learned of an in-the-wild exploitation of a critical code-execution zero-day in Log4J, a logging utility used by just about every cloud service and enterprise network on the ...
techtimes

Minecraft Vulnerability Spotted | How to Fix Log4j Bug

A newly discovered vulnerability is now posing a huge threat towards Java versions of Minecraft, making it possible to execute malicious code on servers as well as end-user devices that are playing ...
Threat Post

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...
techtimes

Log4j Security Patch Meant to Fix it Also Carries a Critical Vulnerability

Log4j's security patch, which was meant to fix its flaws that could potentially spread malware, turns out to be carrying a critical vulnerability as well. A participant sits with a laptop computer as ...
CSOonline

Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps

The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it. Attackers ...
The Sun

How Log4j vulnerability could affect the WHOLE internet as tech giants race to fix flaw ...

CYBERSECURITY experts issued a warning about a software flaw called Log4j as tech giants are racing to prevent potential risks for internet users. Companies including Apple, IBM, Oracle, Cisco, Google ...