CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Security Boulevard

DAST Tools: Complete Buyer’s Guide & 10 Solutions to know in 2026

Compare the best DAST tools in 2026. Our buyer's guide covers 10 dynamic application security testing solutions, key features ...
SecurityWeek

SAP Patches Critical ABAP Vulnerability

SAP has released 19 new security notes on its April 2026 security patch day, including one that resolves a critical-severity ...
Dark ReadingOpinion

Every Old Vulnerability Is Now an AI Vulnerability

On March 10, 2026, Microsoft patched CVE-2026-26144, a cross-site scripting (XSS) vulnerability in Excel. XSS in Office isn't ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...