CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

How maze-like magnetic patterns form and evolve in materials

The rapid increase in electric vehicle adoption in recent years has highlighted a crucial issue: the energy conversion ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...