An 18-Year-Old Bug Just Put a Third of the Web’s Servers at Risk
A critical NGINX vulnerability lets unauthenticated attackers crash your web server and possibly run code.
Stay updated with the latest cybersecurity news, threat intelligence, and industry updates from secure.com.
A critical NGINX vulnerability lets unauthenticated attackers crash your web server and possibly run code.
The FortiBleed Fortinet firewalls compromised campaign has handed attackers working logins for over 30,000 devices across 194 countries.
Researchers have linked three new ClickFix malware attacks to loaders that open the door for data theft and ransomware.
A new OnionDrop loader malware campaign is using nation state level evasion tricks to deliver password stealing payloads at scale.
Joomla LiteSpeed vulnerabilities are being exploited right now, and CISA wants federal agencies patched within days.
A Cisco SD-WAN vManage vulnerability is being used in live attacks to seize root control of networks.
A REDCap server breach gave China-linked hackers two years inside medical research networks before anyone noticed.
The FBI shut down a Chinese AI phishing service called Outsider Enterprise that operated over one million malicious URLs.
Maine's Attorney General office shut down its maine data breach portal after discovering fabricated breach notifications for gaming platforms.
Security researchers have uncovered an agentjacking attack that hijacks AI coding agents using a single injected Sentry error to execute malicious code.
Cybercriminals are actively exploiting the critical Ivanti command injection vulnerability in Sentry after proof-of-concept code became publicly available.
Cybercriminals are exploiting VMware binary abuse techniques to deploy the NIGHTFORGE loader in sophisticated espionage campaigns targeting government institutions.