The Hill: The analysis states that a security engineer from the Alibaba Cloud Security team in China first reported the vulnerability to the Apache Software Foundation, a nonprofit organization that provides support for Log4j, the software.
Read more...