Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...

According to Verizon's 2024 Data Breach Investigations Report, cyberattacks and data breaches involving the exploitation of vulnerabilities have almost tripled compared to previous years. Our recent ...

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...

Three years after its discovery, the Log4J vulnerability (CVE-2021-44228) exploit remains one of the most attempted exploits observed by cloud security provider Cato Networks. Cato Cyber Threat ...

Security teams should be alert to the possibility of compromise arising from a vulnerability in Apache Commons Text that may put many organisations at risk, but is unlikely to be as impactful as ...

Open-source software is everywhere, providing the backbone of the internet and offering long-lasting code for nearly every type of modern technology. But when a few lines of widely adopted code ...

The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...

Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor ...

Apache's HTTP Server is a critical component for hosting web applications worldwide. Recently, two significant vulnerabilities CVE-2024-40725 and CVE-2024-40898 have surfaced, raising alarms across ...

Open source code for commercial software applications is ubiquitous, but so is the risk Your email has been sent It was almost exactly one year ago that experts found ...