Computerworld

New bug makes moot Java’s latest anti-exploit defenses, claims researcher

Java’s new security settings, designed to block “drive-by” browser attacks, can be bypassed by hackers, a researcher announced Sunday. The news came in the aftermath of several embarrassing “zero-day” ...
Threat Post

Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...