North Korean hackers remain relentless in exploiting the Log4Shell vulnerability worldwide. Recent reports reveal that these hackers, operating under the guise of "Andariel" within the Lazarus ...

“Our investigation shows that successful intrusions in these campaigns led to the deployment of the Night Sky ransomware,” Microsoft noted. Identified earlier this month by Twitter group ...

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...

The threat actor known as Lazarus Group has been observed targeting the Log4Shell vulnerability (CVE-2021-44228) in a new series of attacks dubbed “Operation Blacksmith.” According to a new advisory ...

From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed ...

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, ...

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning ...

Interest continues to build for creating a safer open source software ecosystem, in part because of the code vulnerability Log4Shell, which one recent report predicts will pose a risk for the next ...

As we pass the first anniversary of the Log4j vulnerability disclosure, it's a timely reminder that when a vulnerability is serious, it deserves our utmost attention. Organizations taking ...

Researchers at cybersecurity software provider Qualys Inc. are warning of an OpenSSH vulnerability affecting more than 14 million servers that some security researchers are calling “extremely ...