The Next Web

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...
Bleeping Computer

All Log4j, logback bugs we know so far and why you MUST ditch 2.15

Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has already set the internet on fire. Log4j usage is rampant among many software products and multiple ...
SDxCentral

SolarWinds to Log4j: More Risk Management Wake-Up Calls

Cybersecurity practitioners started this year with the struggle of addressing the SolarWinds supply chain attack, and now the Log4j vulnerability is another wake-up call for the need to set up ...