CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.
CoinDesk

The $292 million Kelp exploit: how it happened, and what it means for DeFi

A roughly $292 million exploit over the weekend has rattled the crypto industry, exposing vulnerabilities in decentralized ...

Vercel confirms breach as hackers claim to be selling stolen data

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems ...
BeInCrypto

Bridged Polkadot Reportedly Hit by Exploit as Attacker Mints 1 Billion DOT Tokens

Attacker reportedly exploits a Hyperbridge gateway vulnerability to mint 1B bridged DOT on Ethereum, then dumps it for 108.2 ...
PCMag on MSN

I Asked AI to Create Passwords. Here's Why I'll Never Do That Again

They may look complex, but AI-generated passwords often follow predictable patterns that hackers can exploit. I'll show you ...
Live Science on MSN

Hackers used Claude and ChatGPT to steal hundreds of millions of Mexican government records

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.

Claude Mythos Isn’t Just A PR Stunt, It’s The New Face Of Offensive AI

Claude Mythos represents a new generation of AI models that can conduct autonomous attacks more effectively than ever before.

Hacker mints 1B fake DOT in Hyperbridge exploit: What it means

A major security incident has shaken confidence around Polkadot’s cross-chain ecosystem after attackers managed to exploit a ...