Computer Weekly

Log4Shell: How friendly hackers rose to the challenge

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...
Infosecurity-magazine.com

Log4Shell Used in a Third of Malware Infections

The infamous Log4Shell vulnerability was exploited as an initial infection vector in 31% of cases monitored by Lacework over the past six months. The software vendor’s latest Lacework Cloud Threat ...
TechCrunch

Study: 30% of Log4Shell instances remain unpatched

On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...
Infosecurity-magazine.com

Log4Shell Downloaded 40 Million Times in 2025

Tens of millions of downloads of the popular Java logging library Log4j this year were vulnerable to a CVSS 10.0-rated vulnerability that first surfaced four years ago, according to Sonatype. The ...
CSOonline

Log4Shell remains a big threat and a common cause for security breaches

The Log4Shell critical vulnerability that impacted millions of enterprise applications remains a common cause for security breaches a year after it received patches and widespread attention and is ...
Ars Technica

Explaining Spring4Shell: The Internet security disaster that wasn’t

Hype and hyperbole were on full display this week as the security world reacted to reports of yet another Log4Shell. The vulnerability came to light in December and is arguably one of the gravest ...