A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month.

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Microsoft’s May Patch Tuesday fixes 120 flaws, including 31 remote code execution bugs, with no zero-days reported at release ...

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...

Windows networking and authentication components, including four critical remote code execution bugs patched in this month’s ...

Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows ...

Microsoft's May Patch Tuesday release broke a long zero-day streak, arriving without any vulnerabilities listed as exploited or publicly disclosed.