CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

Minecraft's powerful new mob just arrived in Java, and I can't wait to see what players build

The Minecraft Chaos Cubed update gets its first Java snapshot, adding the Sulfur Caves biome and a new mob that's perfect for ...
ADTmag

Java Framework Makers Ship Fixes, Security Patches, and Milestone Builds in March Sprint

Several widely used Java frameworks and tools released new versions in the weeks surrounding Oracle's March 17 launch of JDK 26, as the Spring ecosystem and related projects continued iterating toward ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...