CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

Google Chrome users beware — experts warn over 100 Web Store extensions found stealing user data from thousands of accounts

Socket finds 108 malicious Chrome extensions stealing tokens and data Extensions harvest Google account info, hijack Telegram ...