Apple has patched the Log4Shell iCloud vulnerability, after it was last week revealed that a security hole in the open-source tool log4j put millions of apps at risk. Cybersecurity experts described ...

Bernd Greifeneder is the CTO and Founder of Dynatrace, a software intelligence company that helps to simplify enterprise cloud complexity. Rarely has an obscure piece of open-source code captured the ...

A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off ...

Aikido Security today announced it has acquired Root, uniting behind a shared mission to make it easy for developers and agents to build with secure open source and tackle the growing threat of supply ...

Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability (CVE-2021-44228) affecting cloud or on-premise environments ...

Log4Shell malware vulnerability vaccine is now out for free, which seeks to help lessen the risk of getting hacked by cyber attackers using the massively widespread zero-day exploit. BERLIN, GERMANY - ...

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has identified 32 ...

The Log4shell vulnerability was a weakness in the JNDI lookup functionality of Log4j2, between version 2.0 and 2.14. This allowed an attacker, who had control over what was printed in the logs (for ...

A newly disclosed remote code execution vulnerability in Spring Core, a widely used Java framework, does not appear to represent a Log4Shell-level threat. Security researchers at several organizations ...

In a blog post, the company said that CVE-2021-42392 should not be as widespread as Log4Shell, even though it is a critical issue with a similar root cause. JFrog explained that the Java Naming and ...

Just as the holiday season is approaching our doorstep, a critical vulnerability in an Apache code library called Log4j 2 has come knocking at the door. Log4j is an open-source Java-based logging ...

Security teams should be alert to the possibility of compromise arising from a vulnerability in Apache Commons Text that may put many organisations at risk, but is unlikely to be as impactful as ...