CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Wired

An AWS Configuration Issue Could Expose Thousands of Web Apps

A vulnerability related to Amazon Web Service's traffic-routing service known as Application Load Balancer could have been exploited by an attacker to bypass access controls and compromise web ...