CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
SecurityWeek

Oracle Patches 450 Vulnerabilities With April 2026 CPU

The April 2026 Oracle CPU includes 481 new security patches addressing 450 unique CVEs across 28 product families.

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Less Cloud, More Control: PHP Moves Back to Own Data Center

PHP development is increasingly taking place outside the cloud. PHP 8.3 is mostly used. Windows is experiencing a comeback ...
Arabian Post

MCP flaw rattles AI supply chain

Anthropic’s Model Context Protocol, a fast-growing standard used to connect AI models with external tools and data, has come ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
InfoQ

Google ADK for Java 1.0 Introduces New App and Plugin Architecture, External Tools Support, and More

Google's Agent Development Kit for Java reached 1.0, introducing integrations with new external tools, a new app and plugin ...
InfoWorld

Ease into Azure Kubernetes Application Network

Microsoft has simplified service mesh scaling and management with an ambient-based service network for AKS. Here’s how to get ...
SecurityWeek

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

A researcher analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly ...

Google’s Gemini can now run on a single air-gapped server — and vanish when you pull the plug

Cirrascale and Google Cloud are bringing Gemini on-premises through Google Distributed Cloud, giving enterprises and ...

MCP Dev Summit Solutions Showcase

The MCP Dev Summit featured more than 50 sponsors offering MCP and related agentic AI products for the enterprise.