CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
Tech Xplore

OpenAI announces restricted-access cybersecurity model

Artificial intelligence company OpenAI said Tuesday that it would release its latest cybersecurity model to a limited number ...

This Android Setting Makes It Easy to Manage All Your App Permissions

You can revoke special permissions that aren't needed.

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...
Reuters

From Australia to Europe, countries move to curb children's social media access

April 8 - Australia in December became the world's first country to ban social media for children under 16, blocking them from platforms including TikTok, Alphabet's (GOOGL.O), opens new tab YouTube ...

Hyperbridge attacker mints 1B bridged Polkadot tokens in $237K exploit

An attacker minted 1 billion bridged DOT tokens on Hyperbridge before selling it all for just $237,000 in Ether, igniting renewed concerns tied to cross-chain bridge security.