The Hacker News

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days ...
The Hacker News

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...
CSOonline

AI agent finds 18-year-old remote code execution flaw in Nginx

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...

NGINX: DoS vulnerability is being attacked

Security vulnerabilities exist in NGINX Open Source and NGINX Plus from F5. One is already being exploited and leads to DoS conditions.

Cisco: Code injection vulnerability in Unity Connection and other flaws

Cisco has released almost two dozen security updates. They close several high-risk flaws, for example in Unity Connection.
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
Network World

Telnet vulnerability opens door to remote code execution as root

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...
Bleeping Computer

Critical SAP S/4HANA vulnerability now exploited in attacks

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. The flaw, tracked as CVE-2025-42957, is an ABAP code ...