Dark Reading

Java Security Work Remains, Bug Hunter Says

The current version of Java 7 includes a bug that can be used to bypass all security defenses in the Java browser plug-in, allowing an attacker to execute arbitrary code using the Java runtime ...
Threat Post

Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...