Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor ...

A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off ...

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...

The technology world is entering a new phase where code complexity and widespread use of global software tools have opened the door for a damaging security flaw that can last for years. The urgency to ...

The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November — even though the number of publicly ...

Even though it was discovered and patched two years ago, the Log4j vulnerability still poses a major threat to businesses everywhere, new research has claimed. A report by Veracode has argued ...

Hackers continue to exploit the Log4j vulnerability in vulnerable applications, as shown by the Iranian 'MuddyWater' threat actor who was found targeting Israeli organizations using the SysAid ...

The widespread vulnerability that first appeared in Apache Log4j in 2021 will continue to be exploited, potentially even in worse ways than we've seen to date. The more worrisome aspect of these ...

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how visibility and shift-left security reduce exposure.