What did Log4Shell teach us about securing open source?

Join the ORC WG on Monday to explore the lessons from Log4Shell and what a CRA-ready Log4j looks like.

📆 March 16 at 12 pm EDT
➕ Add to your calendar: https://buff.ly/GZ8m6Gv

#CRA #CyberResilience #opensource #ORCWG #log4j #CRAMondays

SAP Patch Day March 2026: Two HotNews vulnerabilities in Log4j and NetWeaver closed

The focus is on a Log4j component that has been known for years and a deserialization vulnerability in the NetWeaver Enterprise Portal.

https://www.all-about-security.de/sap-patch-day-maerz-2026-zwei-hotnews-luecken-in-log4j-und-netweaver-geschlossen/

#sap #patchday #netweaver #Log4j

SAP closes 20 security vulnerabilities in March, including two HotNews with CVSS 9.8 and 9.1. All patches at a glance.

All About Security: the online magazine on cybersecurity. Ransomware, phishing, IT security, network security, AI, threats, DDoS, identity & access, platform security

Log4Shell revealed just how deeply open source runs through the global software supply chain—and how hard it can be to respond when a critical dependency fails.

Join the ORC WG for the next #CRAMondays to explore the lessons from Log4Shell and what it takes to build a CRA-ready Log4j.

📆 March 16 at 12 pm EDT
➕ Add to your calendar: https://bit.ly/3PuQozy

#CRA #CyberResilience #opensource #ORCWG #log4j

I'm afraid the deprecation of the Security Manager just added several lines to that risk, all linked to running untrusted code....
#JEP411 #Log4J #Log4Shell #Security #securitymanager
https://foojay.io/today/running-untrusted-code/
You're Running Untrusted Code! | Foojay.io Today

foojay

Projects like Log4j are seeing a flood of low-quality, likely AI-generated security reports that overwhelm maintainers with noise. After high volumes since Dec 2025, only a tiny fraction are real issues and reviewing them strains volunteer time.

Code generation by #AI is not bad per se, but you should still know what you are doing.

https://share.google/5NzOQ0fhog8X2xbfw #OpenSource #Security #Log4j #OSS #AIspam #aicodewriting #codegeneration #vibecoding

Addressing AI-slop in security reports · apache logging-log4j2 · Discussion #4052

You may have noticed that activity on the public Log4cxx, Log4j, and Log4net repositories has slowed since December 2025. I want to reassure you that the projects are still being actively monitored...

GitHub

Because of AI spam: curl shuts down its bug bounty

After years and thousands of dollars paid to security researchers, the curl project has to shut down its bug bounty program. The reason: LLMs.

TARNKAPPE.INFO

Because everyone with a Claude subscription now suddenly thinks they're a security researcher and floods the bug bounty programs of various open source projects with slop, cURL and log4j are now shutting theirs down!

Making the world a little less secure - thanks to AI! 😠
#cURL #log4j #KI #BugBounty #CyberSecurity #foss #opensource

You know that meme about "all modern digital infrastructure"? I found it in real life! #log4j #allModern #IT #infrastructure

My book #Java Logging is the deal of the day!

https://www.manning.com/books/java-logging

If you consider it, today is a good day!

#books #programming #log4j

Java Logging - Christian Grobmeier

Logging is a must-know skill for Java developers. Logging is the art of making things visible—and when your codebase crashes at 5PM Friday you’ll want all the data you can get about your application! Java Logging introduces and expands the logging skills every developer needs to master. For newer coders, everything is explained from the ground up in clear, accessible language. For the old hands, this is a chance to catch up with the state of the art in tools and techniques, including Log4j2!

In Java Logging you’ll learn:
Reading and analyzing log files
The key components of standard logging systems
Writing good and useful logging code
Integrating multiple logging tools into your workflow

Logging lets you monitor your software for unexpected behavior, spot slowdowns and areas for performance tuning, easily audit for compliance and—most important of all—makes it easier to debug when things go wrong.

Your expert guide in Java Logging is Christian Grobmeier, logging veteran and current maintainer of Apache Log4j. Through stories of experience, hands-on examples, and important tips, Christian shows you how to create the kind of logs that you (and your colleagues) will be thankful for.

Manning Publications

4 years already since the Log4J incident. That was not a fun time, but this meme made me laugh again this morning. 😆

#SysAdmin #Log4J #Meme