Nginx 1.30 changes default proxy behavior

ECH encrypts the TLS handshake, backends speak HTTP/2, and Multipath TCP uses multiple network paths in parallel.
Security Boulevard

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

Hiding in imposter sites, GitHub downloads, and YouTube links, this infostealer is designed to hijack accounts and drain ...
Cybernews

Critical vulnerability affects wolfSSL, an encryption library protecting 5 billion devices and apps

A critical vulnerability in the wolfSSL encryption library, used in billions of apps and devices, allows attackers to forge digital signatures and spoof trusted entities.
Security Boulevard

Payouts King Takes Aim at the Ransomware Throne

IntroductionIn February 2022, BlackBasta emerged as a successor to Conti ransomware and quickly rose to prominence. BlackBasta was operational for three years until February 2025 when their internal ...
Microsoft

Building your cryptographic inventory: A customer strategy for cryptographic posture management

Learn how to build a comprehensive cryptographic inventory and strengthen quantum‑safe readiness using Microsoft Security ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...

Critical flaw in wolfSSL library enables forged certificate use

A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...