ZDNet

Log4Shell flaw: Still being used for crypto mining, botnet building... and Rickrolls

Log4Shell, the critical bug in Apache's widely used Log4j project, hasn't triggered the disaster that was feared, but it's still being exploited and predominantly from cloud computers in the US. The ...
Infosecurity Magazine

Log4Shell Downloaded 40 Million Times in 2025

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...
Infosecurity-magazine.com

Log4Shell Used in a Third of Malware Infections

The infamous Log4Shell vulnerability was exploited as an initial infection vector in 31% of cases monitored by Lacework over the past six months. The software vendor’s latest Lacework Cloud Threat ...
TechCrunch

Study: 30% of Log4Shell instances remain unpatched

On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...
CSOonline

Log4Shell remains a big threat and a common cause for security breaches

The Log4Shell critical vulnerability that impacted millions of enterprise applications remains a common cause for security breaches a year after it received patches and widespread attention and is ...