CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java Spring ecosystem.

What Happens in the First 24 Hours After a New Asset Goes Live

When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from ...