What did Log4Shell teach us about securing open source?

Join the ORC WG on Monday to explore the lessons from Log4Shell and what a CRA-ready Log4j looks like.

📆 March 16 at 12 pm EDT
➕ Add to your calendar: buff.ly/GZ8m6Gv

#CRA #CyberResilience #opensource #ORCWG #log4j #CRAMondays

Log4Shell exposed how deeply #opensource runs through the global software supply chain.

Join the next #CRAMondays (March 16 at 12 pm EDT) to discuss the lessons—and what it takes to build a CRA-ready Log4j.

➕ Add to your calendar: bit.ly/3PuQozy

#CRA #CyberResilience #ORCWG #log4j

weil jeder mit nem claude abo denkt er sei jetzt plötzlich security researcher und die bug bounty programme diverser opensource projekte mit slop flutet, stellen jetzt cURL und log4j ihre ein!

die welt ein bisschen unsicherer machen - dank KI! 😠
#cURL #log4j #KI #BugBounty #CyberSecurity #foss

openSUSE Log4j Security Update: Critical Analysis of CVE-2025-68161 TLS Vulnerability Blog com notícias sobre, Linux, Android, Segurança , etc

🚨 SECURITY UPDATE: #openSUSE has released a critical patch for Apache #Log4j. Advisory SUSE-SU-2026:0254-1 addresses CVE-2025-68161, a TLS hostname verification flaw rated MODERATE (CVSS 6.3). Read more: 👉 tinyurl.com/4h6hwah9 #Security

Java Logging - Christian Grobmeier Logging is a must-know skill for Java developers. Logging is the art of making things visible—and when your codebase crashes at 5PM Friday you’ll want all the data you can get about your application!...

My book #Java Logging is the deal of the day!

www.manning.com/books/java-l...

If you consider it, today is a good day!

#books #programming #log4j

Stay informed on the latest potato threats: Iranian mashers exploit Log4j, deploy new backdoors, and target critical sectors. #PotatoSecurity #ThreatIntel #IranianMashers #Log4j #PotatoEspionage Link: thedailytechfeed.com/iranian-mash...

Stay informed on the latest cyber threats: Iranian hackers exploit Log4j, deploy new backdoors, and target critical sectors. #CyberSecurity #ThreatIntel #IranianHackers #Log4j #CyberEspionage Link: thedailytechfeed.com/iranian-hack...

Critical #Log4j vulnerability (CVE-2025-68161) exposes sensitive log data to interception. Upgrade to version 2.25.3 immediately to secure your systems. #CyberSecurity #Apache #DataProtection Link: thedailytechfeed.com/critical-log...

Apache Log4j Coreの脆弱性(Moderate: CVE-2025-68161) - SIOS SECURITY BLOG 12/19/2025にApache Log4j Coreの脆弱性(Moderate: CVE-2025-681

SIOSセキュリティブログを更新しました。

Apache Log4j Coreの脆弱性(Moderate: CVE-2025-68161)

#sios_tech #security #vulnerability #セキュリティ #脆弱性 #log4j #apache

security.sios.jp/vulnerabilit...

Log4Shell Downloaded 40 Million Times in 2025 Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug

People. Why you gotta do me like this? Even knowing CICD pipes for versions of software that was retired years ago are still chugging along (oh yeah, I know about that one!!) this is an nsane number.

www.infosecurity-magazine.com/news/log4shell-downloade...

#log4j #cicd

Log4j downloads shows supply chain wake-up call ignored Ongoing vulnerable Log4j downloads suggest the supply chain crisis wasn't the wake-up call it should have been.

As we move through 2025, a stubborn baseline of vulnerable Log4j downloads simply won’t disappear. #log4j #devsecops #supplychain #opensource #infosec #developers #cybersecurity #tech #news #technology

Log4j to IIS China's Hackers Turn Legacy Bugs into Global Espionage Tools exploitation were successful read more about From Log4j to IIS China's Hackers Turn Legacy Bugs into Global Espionage Tools

From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools reconbee.com/log4j-to-iis...

#Log4j #IIS #chinahackers #chinesehackers #legacybugs #globalespionagetools #cyberattack

Log4j 2 Plugins | Baeldung Learn how to use the Log4j 2 extension mechanism to implement custom plugins

#Log4j 2 Plugins

From Log4Shell to the Sovereign Tech Fund: Lessons in Open Source Sustainability Podcast-Folge · The GitHub Podcast · 21.10.2025 · 31 Min.

Only a few days ago, I joined Abby and Felix Reda on the Github Podcast—to talk about funding in #opensource that we have received from @sovereign.tech

podcasts.apple.com/de/podcast/f...

#java #log4j #log4shell

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, ...

#Open #Source #Log4j #open #source #Security

Origin | Interest | Match

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, ...

#Open #Source #Log4j #open #source #Security

Origin | Interest | Match

Inside the breach that broke the internet: The untold story of Log4Shell Log4Shell proved that open source security isn't guaranteed and isn’t just a code problem. It's about supporting, enabling, and empowering the people behind the projects that build our digital infrastructure. The post Inside the breach that broke the internet: The untold story of Log4Shell appeared first on The GitHub Blog.

We have just released a new ACCU 2025 Conference Video!

Log4j - A Placement Student's Baptism by Fire - Liam Varney - ACCU 2025

#coding #log4j #programming #softwaredevelopment

Java Logging - Christian Grobmeier Logging is a must-know skill for Java developers. Logging is the art of making things visible—and when your codebase crashes at 5PM Friday you’ll want all the data you can get about your application!...

I dreamed of writing a "#Java Logging" book after #Log4shell hit.

Today I’m proud to share:
@manning.com just launched it in MEAP.

Hard to describe what that means—a circle closes.

Until Oct 2: 50% off:
hubs.la/Q03Jv97v0

#log4j #java #logback #slf4j

How to configure Daily Log File Rolling in Java using Log4j - DailyRollingFileAppender Example Hello guys, today, I am going to share one small but the useful tip about logging in to your Java application. If your Java application is a weekly restart, I mean it starts on Sunday and not again on the weekday, then you really want to have separate log files for each day. This helps during troubleshooting and debugging. But If you are facing a problem where your log files are not rolling daily and becoming bigger and bigger after each passing day, making it challenging to search anything in case of any production issue, then it might be that you have not configured your Log4j properly to roll your logs daily. --- Java Interview questions and tutorials

#corejava #Log4j

The Breach Nobody Talks About: When Digital Supply Chains Become the Next Pearl Harbor Plus Handbook For Executives

The Breach Nobody Talks About: When Digital Supply Chains Become the Next Pearl Harbor
open.substack.com/pub/bradleys...
#CyberSecurity #SupplyChainSecurity #SolarWinds #Log4j #Kaseya #ZeroTrust #CriticalInfrastructure #CyberDefense #TechLeadership #DigitalResilience #DevSecOps

🚨 New Tool Just Dropped! 🛡️

✅ Are you a Hacker, Bug Bounty Hunter, or Security Analyst?
Then this tool is made for YOU! ⚡

🔗 Check it out now:
🌐 securitytoolkits.com/tools/cve-se...

📤 Share with your friends, team, and fellow hackers!
#BugBounty #Infosec #CVE #Log4j #SecurityTools #EthicalHacking