CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.
CoinDesk

The $292 million Kelp exploit: how it happened, and what it means for DeFi

DeFi's "worst year in terms of hacks," Ledger's CTO said, as the Kelp exploit shows how a single point of failure can cascade ...
Crypto Briefing

KelpDAO bridge hack drains $292M in largest DeFi exploit of 2026

KelpDAO's bridge hack drained $292M, marking the largest DeFi exploit of 2026; Ethereum's price dip to $2,300 is now at 100% ...
BeInCrypto

Justin Sun Offers to Negotiate With KelpDAO Hacker After $292 Million Exploit

Justin Sun publicly offered to negotiate with the KelpDAO bridge hacker. The exploit drained 116,500 rsETH and created bad ...

Vercel confirms breach as hackers claim to be selling stolen data

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems ...
PCMag on MSN

I Asked AI to Create Passwords. Here's Why I'll Never Do That Again

They may look complex, but AI-generated passwords often follow predictable patterns that hackers can exploit. I'll show you ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...
Live Science on MSN

Hackers used Claude and ChatGPT to steal hundreds of millions of Mexican government records

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.