Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
ZDNet

Log4j flaw hunt shows how complicated the software supply chain really is

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...
scmp.com

Apache Log4j bug: Alibaba Cloud vows to boost compliance after Chinese ministry pulls support for not first reporting security issue to government

Alibaba Group Holding’s cloud computing services unit, which was disciplined by China’s internet security regulator for failing to report a critical software vulnerability in a timely manner, said the ...