Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
CSO Online

Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered

Now that an attacker can use an LLM to weaponize a bug the minute it's found, taking 12 days to patch ‘is essentially a ...
Bleeping Computer

News in the Security category

A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. Browser-based attacks, from AITM phishing and ...
Computerworld

Security

Don't sleep on this powerful new Chrome security booster Google's Chrome security setup has one glaring weakness that's finally possible to correct — if you take the time to do it.
NPR

National Security

April 20, 2026 • President Trump said a U.S. delegation will head to Pakistan to resume talks to end the war with Iran, but Tehran expressed reluctance after the U.S. seized one of its cargo ships in ...