CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild.
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
Microsoft

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
CSO Online

Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions

By altering DNS settings on vulnerable devices, Forest Blizzard redirects users to malicious infrastructure to capture ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...
Yahoo

EU Commission web platform hit by cyber-attack on March 24

Add Yahoo as a preferred source to see more of our stories on Google. Press conference following the ECB's Governing Council meeting, at the ECB headquarters in Frankfurt BRUSSELS, March 27 (Reuters) ...
AOL

EU Commission web platform hit by cyber-attack on March 24

European Union flags flutter outside the European Central Bank (ECB) headquarters in Frankfurt, Germany, March 19, 2026. REUTERS/Jana Rodenbusch BRUSSELS, March 27 (Reuters) - The European Commission ...