CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

Researchers detail how a prompt injection attack bypassed Apple Intelligence protections

A now corrected issue let researchers circumvent Apple’s restrictions and force the on-device LLM to execute ...
CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.
CoinDesk

The $292 million Kelp exploit: how it happened, and what it means for DeFi

DeFi's "worst year in terms of hacks," Ledger's CTO said, as the Kelp exploit shows how a single point of failure can cascade ...
Morningstar

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

Azul webinar series examines the hidden security, compliance and productivity costs of free Java runtimes Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today ...
Crypto Briefing

KelpDAO bridge hack drains $292M in largest DeFi exploit of 2026

KelpDAO's bridge hack drained $292M, marking the largest DeFi exploit of 2026; Ethereum's price dip to $2,300 is now at 100% ...
DecryptOpinion

Morning Minute: DeFi's Future in Question After $292M KelpDAO Exploit

DeFi TVL fell by $13B after the KelpDAO exploit, and now the Vercel CEO is saying "highly sophisticated" actors used AI for ...

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...
CoinDesk

LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero said the attackers compromised two RPC nodes the company's verifier relied on and DDoS'd the rest, with the attack ...
BeInCrypto

Justin Sun Offers to Negotiate With KelpDAO Hacker After $292 Million Exploit

Justin Sun publicly offered to negotiate with the KelpDAO bridge hacker. The exploit drained 116,500 rsETH and created bad ...
BeInCrypto

LayerZero Ties KelpDAO Exploit to Lazarus Subgroup TraderTraitor

LayerZero attributes the $290M KelpDAO exploit to North Korea's TraderTraitor, citing RPC-poisoning as the attack vector.

How A Roblox Cheat Download Triggered A $2 Million Hack At Vercel

How A Roblox Cheat Triggered A $2 Million Breach At Vercel. Why The Vercel Incident Changes The Economics Of Enterprise AI ...