There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

The maintainers of the Java Log4j project had only three sponsors, despite the software being a crucial part of large companies' commercial products and enterprise applications.

Waratek combines a Log4J Vulnerability Scanner and API security in its Java Security Platform to provide users with the ability to scale strategic risk mitigation in the enterprise.

A WARNING has been issued for those who use the Log4J logging library that a spreading botnet could open up “a whole new pool of potential victims.” The warning was issued by Cybersecur… ...