Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

Learn how proxy servers work and uncover their role as the hidden layer of the internet. Explore types, benefits, security features, and how they enhance privacy and control online access.

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.

A threat actor claims to have leaked a database from a KP government domain, exposing login credentials, user roles, and ...

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without triggering security alerts.

Claude exploited for extortion, Grok in national security. We asked eight AI safety and cybersecurity experts: has the AI ...