Cat 🐈🥗 (D.Burch) 
You've heard about log4j, but what about log5j⁠?
Dec 30 at 11:06amWeb
Show thread Dec 30
@catsalad logbleed innit
Show threadElizaDec 30

@catsalad

😬 😭
nooooo

Show threadCat 🐈🥗 (D.Burch) Dec 30
@eliza The tears of someone who had to deal with log4j! Has it really been 4 years? 😭
Show threadElizaDec 30

@catsalad

It feels just like yesterday 😭

Show threaddraeathDec 30
@eliza @catsalad
Show threadFritz AdalisDec 30
@catsalad
Log4j/k
Show threadSchoentoon 🇳🇱🇨🇭Dec 30
@catsalad Maybe they tried the same as the ip people. Skip 5, go straight to log6j
Show thread猫猫   Dec 30
@catsalad waiting for log5shell then ​
Show threadReijo PitkänenDec 30
@catsalad log5G, built in bio monitoring. *Subject to random, weakass exploit
Show threadSindarina, Edge Case DetectiveDec 30
@catsalad We skipped straight from log4j to log6j, which is much more scaleable, but for some reason people keep choosing version 4, even for new projects 😞
Show threadAleksei 🇪🇪Dec 30
@catsalad log5j sounds like one of those aur/npm packages that pretend to be legit but mine crypto
Show threadrobot 9001Dec 30
@catsalad 2log4j8me
Show threadFuchsiii~~~Dec 30
@catsalad stop forking vulnerabilities x(
Show threadKevin Karhan Dec 31

@fuchsiii @catsalad why?

@metasploit needs new modules!

Show threadpejacobyJan 1

@catsalad Nooooooooooooooooooooooo... we are still chasing installed versions of log4j from 2014 in vendor software that they can't tell us if they are actually vulnerable or just lazy AF and don't give a shit.

You're gonna tell me log5j is usually in a hidden directory so my tools can't detect it, but you can feel it's presence, right?

#schrödingersDLL