LunaSec

Spring4Shell: No need to panic, but mitigations are advised

March 31, 2022

Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

December 10, 2021

A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, …

Resources

Download: Secure Foundations for AI Workloads on AWS
Download: Automating Pentest Delivery Guide
CIS Benchmarks March 2026 Update

Don't miss

Attackers are exploiting FortiSandbox vulnerabilities
SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Reachability makes AI threat modeling worth the trust
EU Cybersecurity Act 2.0: When good regulation goes bad

LunaSec

Spring4Shell: No need to panic, but mitigations are advised

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

Featured news

Resources

Don't miss