Bleeping Computer

CISA: Federal agencies required to patch Log4j by December 24th

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch systems against the critical Log4Shell vulnerability and released mitigation guidance in response to ...
Bleeping Computer

US orders federal govt agencies to patch critical Log4j bug

US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. The ...
ZDNet

Log4Shell flaw: Still being used for crypto mining, botnet building... and Rickrolls

Log4Shell, the critical bug in Apache's widely used Log4j project, hasn't triggered the disaster that was feared, but it's still being exploited and predominantly from cloud computers in the US. The ...
HHS

Log4Shell Update: VMware Horizon Targeted

A representative diagram of the Log4Shell attack on VMware Horizon (Source: U.K. National Health Service) Attackers have been actively targeting Log4j, or Log4shell, vulnerabilities in the servers of ...
Threat Post

Log4Shell Is Spawning Even Nastier Mutations

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. The internet has a ...