A critical bug in a bit of open source tech called Log4j has been causing panic in the infosec community, reports Ivan Mehta. And, while major companies are scrambling to apply fixes, “the open source community has a raging debate going on about funding volunteers that maintain projects like Log4j.”
Many large corporations depend heavily on free and open source software projects such as Log4j, Mehta notes; however, project contributors and maintainers often receive only a small amount of financial support through GitHub or Patreon.
Read the complete article at The Next Web and learn more about the Log4j vulnerability from The New Stack and Wired.
Comments