Infosecurity-magazine.com

Log4Shell Downloaded 40 Million Times in 2025

Tens of millions of downloads of the popular Java logging library Log4j this year were vulnerable to a CVSS 10.0-rated vulnerability that first surfaced four years ago, according to Sonatype. The ...
SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how visibility and shift-left security reduce exposure.

Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of malicious code.
Opinion
Security BoulevardOpinion

Best of 2025: Oracle Breach: The Impact is Bigger Than You Think | Grip

Learn how the Oracle breach amplifies your risk from rogue cloud tenants plus how Grip helps organizations detect exposure and respond fast to mitigate risks.
GitHub

Log4j2 appender for Report Portal

To start using Report Portal log appending you need to include this library into your project dependencies according to your build system. sending a File object as a log4j log message. In this case a ...
InfoWorld

Nvidia bets on open infrastructure for the agentic AI era with Nemotron 3

The company is positioning its new offerings as a business-ready way for enterprises to build domain-specific agents without first needing to create foundation models. AI agents must be able to ...
InfoWorld

Cloud Computing

Learn how to use advanced techniques like short-circuiting, parallel execution, virtual threads, and stream gatherers to maximize Java stream performance. AI initiatives don’t stall because models ...
GitHub

OpenTelemetry Instrumentation for Java

This project provides a Java agent JAR that can be attached to any Java 8+ application and dynamically injects bytecode to capture telemetry from a number of popular libraries and frameworks. You can ...