这几天，Apache Log4j 2 绝对是众多 Java 程序员提到的高频词之一：由于 Apache Log4j 2 引发的严重安全漏洞，令一大批安全人员深夜修 Bug、打补丁。

在这个影响软件供应链根基的问题被自动化工具攻克之前，预计将有更多由 Log4j 引发的问题出现。 Log4j 漏洞风波暂平，但下一场暴雷可能已经在路上。

比利时政府官员公开承认遭到近期曝光的 Apache Log4j 漏洞网络攻击。本次攻击导致比利时国防部的部分计算机网络自周四以来一直处于关闭状态。

In December 2021, a critical vulnerability known as Log4Shell (CVE-2021-44228) was discovered in the widely-used Apache Log4j logging library. This flaw allowed attackers to execute arbitrary code on ...

Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has already set the internet on fire. Log4j usage is rampant among many software products and multiple ...

The vulnerability, which was reported late last week, is in Java-based software known as “Log4j” that large organizations use to configure their applications – and it poses potential risks ...

The Log4j vulnerability has been described as a “nightmare” and “catastrophic”, with some experts saying it is the most severe cybersecurity threat ever by number of devices affected.

Accelerate your tech game Paid Content How the New Space Race Will Drive Innovation How the metaverse will change the future of work and society Managing the Multicloud The Future of the Internet ...

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she ...