The next 𝗟𝗼𝗴𝟰𝗦𝗵𝗲𝗹𝗹 is not a matter of 𝘪𝘧, but 𝘸𝘩𝘦𝘯. The critical Java libraries we use daily are built mainly by volunteers
𝗪𝗲 𝗰𝗮𝗻'𝘁 𝘄𝗮𝗶𝘁 𝗳𝗼𝗿 𝗮𝗻𝗼𝘁𝗵𝗲𝗿 𝗱𝗶𝘀𝗮𝘀𝘁𝗲𝗿!
That's why we're building a new solution: a nonprofit partnership between 𝘁𝗵𝗲 𝗰𝗼𝗺𝗽𝗮𝗻𝗶𝗲𝘀 𝘂𝘀𝗶𝗻𝗴 𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗝𝗮𝘃𝗮 𝗹𝗶𝗯𝗿𝗮𝗿𝗶𝗲𝘀 and 𝘁𝗵𝗲 𝗺𝗮𝗶𝗻𝘁𝗮𝗶𝗻𝗲𝗿𝘀 (like @pkarwasz of Apache Log4j) who support them.
To build a model that works, we need your input.
Hörenswerter Podcast "Wild Wild Web - Geschichten aus dem Internet" mit der Episode "Das wichtigste Hobby der Welt" über Open Source-Maintainer u. a. mit @foosel und der #Log4Shell Story
https://www.ardaudiothek.de/episode/urn:ard:episode:b15e62d1e3e6823a/
Together with our Staff Software Engineer, Łukasz Rola, we’re launching a brand-new series: Java Crack of the Week! 
https://youtube.com/watch?v=JhH9N6pWPKk
In the first episode, Łukasz dives deep into one of the most critical Java vulnerabilities ever discovered: Log4Shell (CVE-2021-44228).
This series is part of our celebration of Java’s 30th anniversary - make sure to subscribe to our YouTube channel for weekly episodes!
A single misstep in your infrastructure code can open the door to attacks. At #JCON2025, Jonathan Vila reveals the most common IaC security mistakes — and how to avoid them. Join his session!
Want to prep early? Check his #JAVAPRO article: https://javapro.io/2025/04/29/top-security-flaws-injections/
New Open-Source Tool Spotlight 
Log4Shell still has lingering risks. If you're managing Java apps, check out Log4shell-detector on GitHub. It scans for vulnerable Log4j usage with minimal setup. Regular audits help keep your environment secure. #cybersecurity #Log4Shell
Project link on #GitHub https://github.com/Neo23x0/log4shell-detector
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— 
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 
DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots – Source: www.securityweek.com https://ciso2ciso.com/dhs-disbands-cyber-safety-review-board-ending-one-of-cisas-few-bright-spots-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #IncidentResponse #securityweekcom #securityweek #SaltTyphoon #Government #log4shell #Microsoft #Lapsus #CISA #CSRB #DHS
DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots https://www.securityweek.com/dhs-disbands-cyber-safety-review-board-ending-one-of-cisas-few-bright-spots/ #IncidentResponse #SaltTyphoon #Government #Log4Shell #Microsoft #Lapsus$ #CISA #CSRB #DHS
DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots https://www.securityweek.com/dhs-disbands-cyber-safety-review-board-ending-one-of-cisas-few-bright-spots/ #IncidentResponse #SaltTyphoon #Government #Log4Shell #Microsoft #Lapsus$ #CISA #CSRB #DHS
Was just reminded that #Log4Shell was 2021. Still feels like it was just a few weeks ago. Probably because we haven't learned any lessons from it.
Today, 3 years ago, the (in)famous #Log4Shell vulnerability was made public.
This was an arbitrary code execution in the popular #Java logging framework #Log4j, the issue was there since 2013. This vulnerability received a CVSS severity rating of 10, the highest possible.
Hope you all updated your billions of devices running Java out there already!
Excited and honored to speak at the #Japan #Java User Group this November! I’ll dive into the story behind #Log4j and #Log4shell, explore the impacts on the open-source ecosystem, and discuss lessons learned since. Looking forward! #OpenSource #JUG
https://www.java-users.jp/post/night202411/
Log4Shell still sends shivers down my spine! 
This #RedHat article revisits the infamous vulnerability and reminds us about software supply chain security, vulnerability management, and the power of open source collaboration. #Log4Shell #cybersecurity #redhat
3 years after #Log4shell, Bloomberg wrote "Hackers are still targeting #Log4j". The article is not mindblowing, but it reminds us to update! https://www.bloomberg.com/news/newsletters/2024-10-09/hackers-still-target-outdated-software-flaw-despite-available-fixes?srnd=undefined
Three years after #Log4Shell caused a significant security issue, we still struggle with insecure dependencies and injection problems, join @brianverm, Jonathan Vila, Erik Costlow, and @frankdelporte for a lively #Java #OpenJDK and beyond discussion on Foojay 
!
https://foojay.io/today/foojay-podcast-58-how-java-developers-can-secure-their-code/
Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware https://www.securityweek.com/two-years-on-log4shell-vulnerability-still-being-exploited-to-deploy-malware/ #Malware&Threats #Vulnerabilities #CVE202144228 #Log4Shell #Datadog #Log4j
Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware https://www.securityweek.com/two-years-on-log4shell-vulnerability-still-being-exploited-to-deploy-malware/ #Malware&Threats #Vulnerabilities #CVE202144228 #Log4Shell #Datadog #Log4j
Hat jemand schonmal im #informatikEdu Unterricht #Log4Shell #xz oder den #crowdstrike Bug besprochen? Wollte das im 11er Kurs thematisieren und frage mich, ob jemand dazu S-taugliches Material oder Ideen hat!
#FediLZ
https://dev.to/bitbybit/how-an-overlook-in-development-wreaked-havoc-on-the-internet-the-log4shell-vulnerability-2924 - how #Log4Shell works, and how it's easy for a design fail to shoot developers in the foot. Nice exploration https://linkedin.com/in/jaiyank-saxena.
Why Hackers Love Logs https://www.securityweek.com/why-hackers-love-logs/ #IncidentResponse #Incidentresponse #Log4Shell #Featured
Why Hackers Love Logs https://www.securityweek.com/why-hackers-love-logs/ #IncidentResponse #Incidentresponse #Log4Shell #Featured
