CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been ...

Plugins for AI coding tools sound like complex infrastructure. In practice, Markdown files and an HTTP API are sufficient.

Exposed LLM servers are being actively scanned and exploited. Learn how attackers find misconfigured AI infrastructure and ...

Compare the best DAST tools in 2026. Our buyer's guide covers 10 dynamic application security testing solutions, key features ...

This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda ...

Attackers are currently exploiting a critical security vulnerability in Nginx. Instances in Germany are also threatened.

The U.K.’s NCSC warns that Russian hackers linked to the country’s GRU Military Intelligence Unit are using compromised ...