CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Wired

An AWS Configuration Issue Could Expose Thousands of Web Apps

A vulnerability related to Amazon Web Service's traffic-routing service known as Application Load Balancer could have been exploited by an attacker to bypass access controls and compromise web ...
InfoWorld

Azul cloud service spots dead code in Java apps

A new feature of the Azul Vulnerability Protection service identifies unused code in production Java applications, aiming to ease maintenance for developers. Java software and services provider Azul ...