Log4j highlights ongoing cyber risk from free, open source software: Moody's Button Arrow Moody's Investors Service, citing BitSight partnership, see security flaws in free and open source software (FOSS) as a recurring source of cyber risk. This varies by industry.
