The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...
Dark Reading

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...

Web residential proxies: The ultimate solution for SEO tools

Automated tools hitting the same endpoints repeatedly? Throttled or banned. This is where web residential proxies step in.
Security Boulevard

46 Vulnerability Statistics 2026: Key Trends in Discovery, Exploitation, and Risk

Vulnerability attacks rose 56% in 2025. Explore 46 statistics on CVE disclosure, exploitation patterns, and industry impact to guide your 2026 security strategy. The post 46 Vulnerability Statistics ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
Human Rights Watch

Children's Rights

Millions of children have no access to education, work long hours under hazardous conditions, or have their safety and futures threatened by armed conflict. They suffer targeted attacks on their ...