ZDNet

Java unserialize remote code execution hole hits Commons Collections, JBoss, WebSphere, WebLogic

Researchers from Foxglove Security have reportedly discovered a remote code execution hole in the widely used Apache Commons library, thanks to the insecure method in which Java unserializes objects, ...
Bleeping Computer

New Spring Java framework zero-day allows remote code execution

A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a very ...
InfoWorld

HSA targets native parallel execution in Java virtual machines by 2015

Industry consortium HSA Foundation intends to bring native support for parallel acceleration in Java virtual machines, which would make it easier to tap into multiple processors like graphics ...
Bleeping Computer

New zero-day exploit for Log4j Java library is an enterprise nightmare

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises alike ...
InfoWorld

Azul, Cast AI join forces on Java performance

Combination of Azul JDK and Cast AI app performance platform aims to improve Java runtime efficiency in Kubernetes-based public cloud environments.