LunaSec

Spring4Shell: No need to panic, but mitigations are advised

March 31, 2022

Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

December 10, 2021

A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, …

Resources

Download: Secure Foundations for AI Workloads on AWS
Download: Automating Pentest Delivery Guide
CIS Benchmarks March 2026 Update

Don't miss

The uptime questions every engineering leader should ask this week
LLM security advice looks solid until you check the hard cases
Scoring AI hackers when there is no answer key
Law enforcement hits StealC and Amadey malware networks
Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)

LunaSec

Spring4Shell: No need to panic, but mitigations are advised

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

Featured news

Resources

Don't miss