修完又复活，史诗级Log4j漏洞爆发1年仍“阴魂不散”，下一场暴雷可能已在路上 ...

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...

First detailed in December, the vulnerability (CVE-2021-44228) allows attackers to remotely execute code and gain access to systems that use Log4j, a widely used Java logging library.

Log4j is patched, but the exploits are just getting started As updates to affected software slowly roll out, other quicker fixes are a crucial stopgap ...

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

A Year Later, That Brutal Log4j Vulnerability Is Still Lurking Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited. Photograph: zf L/Getty Images ...

China’s largest cloud service provider said it would improve compliance after it was disciplined by the government for failing to first report the Log4j vulnerability to Chinese authorities.

A serious code execution vulnerability in Log4j has security experts warning of potentially catastrophic consequences for enterprise organizations and web apps.

Here’s what you should know: What is Log4j and why does it matter? Log4j is one of the most popular logging libraries used online, according to cybersecurity experts.

Here’s what you should know: What is Log4j and why does it matter? Log4j is one of the most popular logging libraries used online, according to cybersecurity experts.