”因此，虽然 Log4j 漏洞的爆发已过去一年，建议开发者可排查在 Java 应用中是否引入了 Log4j 组件，若存在则立即进行安全排查并升级至安全版本。

Attackers are actively exploiting a critical vulnerability in Apache Log4j, a logging library that’s used in potentially millions of Java-based applications, including web-based ones.

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...

IT之家 12 月 13 日消息，最近的Log4j 漏洞想必大家都知道了，11 月 9 日晚，开源项目 Apache Log4j 2 的一个远程代码执行漏洞的利用细节被公开，随后该 ...

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

Security warning: New zero-day in the Log4j Java library is already being exploited Log4j flaw could be a problem for industrial networks 'for years to come' ...

If you're not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.

U.S. organizations that fail to secure customer data against Log4Shell, a zero-day vulnerability in the widely used Log4j Java logging library, could face legal repercussions, the Federal Trade ...

A WARNING has been issued for those who use the Log4J logging library that a spreading botnet could open up “a whole new pool of potential victims.” The warning was issued by Cybersecur… ...

A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers.