InfoSec News Nuggets 04/29/2022

Millions of Java Apps Remain Vulnerable to Log4Shell Four months after the discovery of the zero-day Log4Shell critical flaw, millions of Java applications still remain vulnerable to compromise, researchers have found. Researchers at security firm Rezilion analyzed the current potential attack surface for the vulnerability in the popular open-source Apache Log4j framework that threatened to break the internet when it was discovered in December. The flaw in the ubiquitous Java logging library Apache Log4j is easily exploitable and…
Read More