SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild.
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...
CSO Online

Patch windows collapse as time-to-exploit accelerates

AI and the industrialization of cybercrime are helping attackers double the number of high- and critical-severity known ...

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting ...
Bleeping Computer

Hackers exploit TrueConf zero-day to push malicious software updates

Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. The flaw is tracked as CVE-2026 ...
The Hacker News

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Graham Cluley

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to ...