The Record

Google: More than 35,000 Java packages impacted by Log4j vulnerabilities

Google's open-source team said they scanned Maven Central, today's largest Java package repository, and found that 35,863 Java packages use vulnerable versions of the Apache Log4j library. James ...
malaymail

DOE, MetMalaysia to air twice-daily API updates on RTM starting tomorrow

(New users only) It's tax relief season! Get up to RM300 when you save with Versa! Plus, enjoy an additional FREE RM10 when you sign up using code VERSAMM10 with a min. cash-in of RM100 today. T&Cs ...
CSOonline

Cloudflare report: Log4j remains top target for attacks in 2023

Log4j remained a top attack vector for threat actors in 2023, while a new vulnerability, HTTP/2 Rapid Reset is emerging as a significant threat to organizations, according to Cloudflare’s annual “Year ...
GitHub

log4j 1.2.17 dependency

It looks like it have some vulnerable log4j 1.2.17 dependency. Have you consider update to 2.17.2? output from mvn dependency:tree command below [INFO] --- maven-dependency-plugin:2.8:tree ...
The Globe and Mail

IGI CyberLabs Releases Automatic Update to its Nodeware(R) Solution that Identifies Log4j Vulnerabilities

PITTSFORD, NY / ACCESSWIRE / January 12, 2022 / IGI CyberLabs, a subsidiary of IGI (OTCQB:IMCI), announces that its Nodeware solution now includes industry-leading technology to automatically and ...
SecurityWeek

Google Finds 35,863 Java Packages Using Defective Log4j

The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation ...
Hackaday

This Week In Security: Log4j, PDF CPU, And I Hacked Starlink

The big news this week is Log4j, breaking just a few hours too late to be included in last week’s column. Folks are already asking if this is the most severe vulnerability ever, and it does look like ...