Gizmodo

Log4j Vulnerabilities Are Piling Up as Companies Scramble to Patch

The gargantuan crisis spurred by log4j isn’t over yet—not even close. Over the past week, new vulnerabilities have been discovered in the unfortunate Apache logging library (whose ubiquitous ...
Bleeping Computer

CISA: Federal agencies required to patch Log4j by December 24th

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch systems against the critical Log4Shell vulnerability and released mitigation guidance in response to ...