CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java Spring ecosystem.

New Xbox Boss Says 'We Know We Have Work to Do' as Console Revenue Continues to Plummet

New Xbox boss Asha Sharma has acknowledged the ongoing financial struggles of Microsoft’s gaming business, amid a shakeup and ...

Halo's Kiki Wolfkill Reveals She's Left Microsoft After 28 Years

Kiki Wolfkill, art director, producer, and veteran of the Halo franchise and other big Xbox properties, revealed she's ...
Security Boulevard

SAML vs OIDC vs OAuth 2.0: 12 Differences Every B2B Engineering Team Should Know

Choosing between SAML, OIDC, and OAuth 2.0? Explore 12 critical differences to help your B2B engineering team select the right authentication protocol today.

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...