JNDI

Apache Releases Log4j 2.16.0 to Patch Lingering DoS Vulnerability

Amid the focus on Log4j while patching CVE-2021-44228, a JNDI injection RCE vulnerability, Apache has released 2.16.0 which disables JNDI by default and removes support for Message lookups in order to fix a newly discovered denial of service vulnerability.

December 14, 2021 19:39 GMT

Apache Log4j Zero-Day Exposes Java Applications to RCE

A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.

December 10, 2021 18:45 GMT

Hand-Picked Top-Read Stories

Weekly Top 10: 11.03.2025: Bluenoroff Expands Crypto Heists; $14B Crypto Seizure Tied to Scam Syndicate; Microsoft WSUS: Emergency Mitigation for Active RCE, and More.

What Makes a Good Password?

Weekly Top 10: 10.27.2025: Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF Zero-Day Actively Exploited, and More.

Trending Tags

Apache Releases Log4j 2.16.0 to Patch Lingering DoS Vulnerability

Apache Log4j Zero-Day Exposes Java Applications to RCE

2025

Threat Advisories

Weekly Top 10: 11.03.2025: Bluenoroff Expands Crypto Heists; $14B Crypto Seizure Tied to Scam Syndicate; Microsoft WSUS: Emergency Mitigation for Active RCE, and More.

Weekly Top 10: 10.27.2025: Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF Zero-Day Actively Exploited, and More.

Weekly Top 10: 10.20.2025: Microsoft Revokes 200+ Certs Used in Fake Teams Installers; Chinese Apt ‘Jewelbug’ Hit Russian It Services Firm; CISA ICS Advisory: Hitachi Energy MACH GWS, and More.

Weekly Top 10: 10.13.2025: Ransomware Arrests Tied to Kido Education Attack; Discord Confirms 70,000 Users’ ID Photos Exposed; Azure Outage Tied to Kubernetes Crash at Microsoft Front Door, and More.

Weekly Top 10: 10.06.2025: Hackers Launch Extortion Campaign Targeting Oracle E-Business Suite Customers; GreyNoise Detects 500% Surge in Scans Targeting Palo Alto Networks Portals; Ransomware Gang Sought BBC Reporter’s Help, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware