Although no information about industrial control systems being breached via Log4j has yet been made public, the threat exists.

Log4j Vulnerability Could Be Here For a Decade, Cyber Safety Review Board Says The widespread vulnerability is the first issue tackled by the new board.

Apache Software Foundation President David Nalley on Tuesday told the Senate Homeland Security & Government Affairs Committee it could take months, or even years, to fully eliminate the Log4j ...

The Log4j vulnerability remains a pertinent issue in cybersecurity over 12 months since it was first discovered. It is clear that the industry, along with government, still has work to do to ...

The Log4j vulnerability has led to few major cyber attacks so far, Sophos found. But attacks via Log4Shell could occur well into the future.

It’s not my intention to be alarmist about the Log4j vulnerability (CVE-2021-44228), known as Log4Shell, but this one is pretty bad.

Microsoft said it discovered previously undisclosed issues with the SolarWinds Serv-U software while looking for Log4J vulnerabilities.

A Year Later, That Brutal Log4j Vulnerability Is Still Lurking Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited. Photograph: zf L/Getty Images ...

The Log4j 2 vulnerability was a black eye for the Java community. Here's how to protect yourself today, and how the community can protect itself in the future.

The Prophet Spider gang uses the Log4Shell vulnerability to target the Tomcat service in unpatched VMware Horizon systems.