Please turn on your JavaScript for this page to function normally.
Log4Shell: A retrospective
Now that the dust has settled on both the holiday season and the Log4j vulnerability that saw many of us working through it (CVE-2021-44228), it makes sense to look back and …
Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation
Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular …
Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)
A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, …
Featured news
Resources
Don't miss
- Why SBOMs, signing, and provenance still don’t tell you if software is safe
- Cynative: Open-source deep research agent
- Microsoft demystifies how Windows updates work
- A hardware security AI assistant that checks chips for hidden backdoors
- July 2026 Patch Tuesday forecast: Is CVE tracking still practical?