News
-
NGINX flaw left hidden for 18 years could allow remote code execution
A critical NGINX rewrite module flaw hidden for 18 years can let a remote attacker trigger code execution or denial of service with crafted requests, according to a technical analysis and vendor advisory.
-
MuddyWater hackers targeted South Korean electronics maker in broad espionage campaign
MuddyWater targeted at least nine organizations in a cyberespionage campaign that included a major South Korean electronics maker, government agencies and an airport, according to Symantec. The group used DLL sideloading, PowerShell and other legitimate tools.
-
Critical Exim flaw can let remote attackers run code on affected servers
A critical Exim flaw fixed in version 4.99.3 could let unauthenticated attackers execute code on affected mail servers. The bug affects some GnuTLS-based builds before 4.99.3 and is triggered during TLS shutdown with chunked SMTP traffic.
-
China-linked hackers hit Azerbaijani energy firm in repeated Exchange intrusions
A China-linked group targeted an Azerbaijani oil and gas firm in three waves between late December 2025 and late February 2026, repeatedly using the same Exchange Server entry point and swapping backdoors, according to a Bitdefender analysis.
-
Google adds Android intrusion logging to help investigate spyware attacks
Google introduced an opt-in Android intrusion logging feature for suspected spyware cases. The encrypted logs are stored for 12 months, can be downloaded by users, and are rolling out to devices with the Android 16 December update and later.
-
Vietnam moves to build domestic cloud for government workloads
Vietnam plans to build a national cloud platform by 2030 to replace foreign cloud services for government workloads, according to a new decision that also targets data sovereignty, cybersecurity and broader digital state reforms.
-
Exim patches BDAT flaw that could lead to code execution
Exim has patched CVE-2026-45185, a use-after-free flaw in BDAT parsing that could lead to memory corruption and possible code execution in affected GnuTLS-based builds. Version 4.99.3 fixes the issue.
-
Skoda says customer data stolen in online shop breach
Škoda Auto said attackers breached its online shop, stole customer personal data and accessed login credentials after exploiting a software flaw. The company said payment card details were not stored on the compromised systems.
-
RubyGems pauses new signups after major malicious attack
RubyGems has temporarily paused new account signups after what the article described as a major malicious attack involving hundreds of packages. Mend.io said it will share more details once the incident is contained.
-
Instructure reaches ransom agreement after Canvas data breach
Instructure said it reached an agreement with an unauthorized actor after a Canvas breach that exposed data tied to thousands of schools and universities, including about 275 million records. The company said stolen data was returned and no customers will be separately extorted.
