Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Dark Reading

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker ...