CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

NIST to stop rating non-priority flaws due to volume increase

The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due ...

Clarifying HEVC licensing fees, royalties, and why vendors kill HEVC support

When the companies disabled HEVC support built into the CPUs of select PCs, it raised uncomfortable questions: Why remove a ...