Yahoo

log4j: Tech companies scramble to fix software vulnerability that ‘threatens entire internet’

The vulnerability, known as Log4shell, was identified in Apache’s Log4j software library that helps developers keep track of changes in the applications they build (AFP via Getty Images) Tech ...
TechSpot

Log4J patch to fix serious zero-day has its own vulnerability that is already actively exploited

Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...
Bleeping Computer

Minecraft rushes out patch for critical Log4j vulnerability

Swedish video game developer Mojang Studios has released an emergency Minecraft security update to address a critical bug in the Apache Log4j Java logging library used by the game's Java Edition ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
Threat Post

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...
CRN

Ransomware Gang Hijacking Log4j Bug To Hit Minecraft Servers

Outside of the ransomware space, Iranian hacking group APT 35 has attempted to exploit the Log4j flaw against seven targets in the Israeli government and business sector over the past day, Check Point ...