Content Paint
Search
Sign in
Membership

log4j

Security  | Dec 09, 2022
Log4J at 1: A third of downloads still vulnerable to RCE
Log4J at 1: A third of downloads still vulnerable to RCE

A year after a critical vulnerability in a ubiquitous piece of open source software, Log4J, set off what The Stack described at the time as an “internet cluster bomb”, nearly 40% of downloads of the popular open source java logging library are still of the vulnerable version – despite the high

Security  | Apr 29, 2022
The 10 most-exploited vulnerabilities of 2021: Not patched? Likely pwned...
The 10 most-exploited vulnerabilities of 2021: Not patched? Likely pwned...

Attackers continue to accelerate their weaponisation of newly-discovered flaws, the Five Eyes list of most-exploited vulnerabilities of 2021 shows. Contrary to some reports suggesting fears of mass-exploitation had been over-indexed, the flaw in Log4j joined the most widely-exploited vulnerabilities last year, despite only being discovered at the year's

Security  | Feb 15, 2022
CrowdStrike names Turkey and Colombia as significant new sources of cyber-attacks
CrowdStrike names Turkey and Colombia as significant new sources of cyber-attacks

New state actors, labelled Wolf and Ocelot, identified in threat report

Security  | Jan 26, 2022
Log4j DIDN’t result in mass abuse – but VMware Horizon attacks continue
Log4j DIDN’t result in mass abuse – but VMware Horizon attacks continue

"Only a handful of customers faced attempted intrusions where Log4j was... the initial entry point

Security  | Dec 29, 2021
Microsoft security update sets klaxons blaring in... Microsoft Defender
Microsoft security update sets klaxons blaring in... Microsoft Defender

Microsoft flags one of its own processes as sensor tampering.

Security  | Dec 17, 2021
Bug in Log4j 2.15.0 also RCE: Severity raised to 9.0
Bug in Log4j 2.15.0 also RCE: Severity raised to 9.0

Whac-that-mole...

Security  | Dec 13, 2021
VMware vCenter “trivial to exploit” using Log4Shell, POC available
VMware vCenter “trivial to exploit” using Log4Shell, POC available

"All VCenter instances trivially exploitable by a remote and unauthenticated attacker."

Security  | Dec 13, 2021
Critical bug in ubiquitous Java framework sets off an internet cluster bomb
Critical bug in ubiquitous Java framework sets off an internet cluster bomb

AWS, Red Hat, VMware, more affected with pre-auth RCE exploits circulating

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.