NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
What's new: A critical vulnerability in NGINX, tracked as CVE-2026-42945, has been actively exploited in the wild. This heap buffer...
Information Security
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
What's new: Analysis by Symantec and Carbon Black has confirmed that the fast16 malware, developed before Stuxnet, was designed to...
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
What's new: Four malicious npm packages have been identified that deliver information-stealing malware and a DDoS botnet. The packages are:...
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
What's new: Ivanti, Fortinet, SAP, VMware, and n8n have released patches addressing critical vulnerabilities, including remote code execution (RCE), SQL...
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
What's new: A new Windows privilege escalation zero-day vulnerability, codenamed MiniPlasma, has been disclosed, allowing attackers to gain SYSTEM privileges...
